Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration

[Mark Litchfield <mark () securatary com>]

As previously stated, I would post an update for Ektron CMS bypassing 
the security fix.

A full step by step with the usual screen shots can be found at - 
http://www.securatary.com/vulnerabilities

In this example, we use www.paypal-forward.com as a demonstration site.  
I would like to say that PayPal fixed this issue with their own 
workaround extremely quickly.  Excellent work by their security / dev team.

All the best

Mark Litchfield
www.securatary.com





This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------