[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] XSS at eEye.com #2 (evidence of existence)

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] XSS at eEye.com #2 (evidence of existence)
From: "Valery Marchuk" <tecklord@xxxxxxxxxxxxx>
Date: Mon, 21 Aug 2006 13:37:35 +0300

Hi all!

According to this blog eEye (Ross Brown) denies existence of XSS Vulnerability 
at their web site.

http://www.stillsecureafteralltheseyears.com/ashimmy/2006/08/make_sure_the_s.html

 

Well, what else we can expect from the security company, which cannot protect 
its own web site?

As an evidence of vulnerability, I've published another XSS bug in my blog. 

Just follow the link in the blog and then press the "Back" button.

 

http://www.securitylab.ru/blog/tecklord/209.php



Have a nice day

Valery

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: RE: [Full-disclosure] Tempest today
Next by Date: [Full-disclosure] Hack.lu 2006
Previous by thread: Re: [Full-disclosure] RealVNC 4.1.2 minor heap corruption/DoS vulnerability (authentication required)
Next by thread: [Full-disclosure] Hack.lu 2006
Index(es):
- Date
- Thread