On Friday 01 April 2011 12:08:16 ono-sendai wrote:
> On 01/04/2011 11:35, LordZen wrote:
> > Funny, isn't it??
> >
> > http://www.commonexploits.com/?p=266
>
> Hahahah.. I think yours is a great email to "break in" the list...
> :) . I'm waiting for the others to accept the invitations, and by this
> evening I'll send a summary email of the last meeting..

The URL: http://www.commonexploits.com/ is vulnerable to cross site request forgery.

An unidentified vulnerability was found at: "http://www.commonexploits.com/wp-comments-post.php", using HTTP method POST. The sent post-data was: "...comment_post_ID=d'kc"z'gj'"**5*(((;-*`)...".

eval() input injection was found at: "http://www.commonexploits.com/", using HTTP method GET. The sent data was: "refreshRate=30&sources=sleep(9)%3B&viewMoreUrl=56&viewMoreText=view+more&tweetsNum=6". The modified parameter was "sources".

and many more besides...

They preach well but don't practice what they preach, eh :D

cheers
--
Agostino Sarubbo ( ago )
Mail: ago@???
Irc: irc.freenode.net ago
Gpg: 0x7CD2DC5D
Arch Tester for Gentoo Linux amd64
http://is.gd/hcQem
Admin for HacklabCS c/o HPCC at Unical
This mail has been sent with kmail on gentoo.