[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] file upload widgets in IE and Firefox have issues

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] file upload widgets in IE and Firefox have issues
From: "Michel Lemay" <mlemay@xxxxxxxxx>
Date: Wed, 7 Jun 2006 09:43:47 -0400

Would it be possible to use a similar technique to generate an URL with
query parameters containing user keystrokes?  This URL could then be
submitted to any compromised website.  The attacker could then look into
logs and have a peek at theses submitted requests.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] file upload widgets in IE and Firefox have issues
  - From: Brian Eaton

Prev by Date: Re: [Full-disclosure] Strange Emails -- What are they?
Next by Date: Re: [Full-disclosure] Strange Emails -- What are they?
Previous by thread: Re: [Full-disclosure] file upload widgets in IE and Firefox have issues
Next by thread: Re: [Full-disclosure] file upload widgets in IE and Firefox have issues
Index(es):
- Date
- Thread