[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] XSS & SQL bugs in Conference website

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] XSS & SQL bugs in Conference website
From: Scarlet Pimpernel <kishfellow@xxxxxxxxx>
Date: Sun, 18 Feb 2007 04:55:55 -0800 (PST)

Hello list,

I have found multiple XSS & SQL bugs in this site, www.flconferences.com 
( LegionSec - Security Conference in India )

I have also contacted the concerned people, but they have failed to fix the 
bugs even after I sent a detailed advisory on the same.

Cheers :)
Kish


Remember there is alwayz someone who knows more than us out there

 
---------------------------------
Now that's room service! Choose from over 150,000 hotels 
in 45,000 destinations on Yahoo! Travel to find your fit.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] ALERT! A piece of internet security history is missing
Next by Date: Re: [Full-disclosure] [inbox] Re: Drive-by Pharming
Previous by thread: Re: [Full-disclosure] ALERT! A piece of internet security history is missing
Next by thread: [Full-disclosure] Remote DoS in libevent DNS parsing <= 1.2a
Index(es):
- Date
- Thread