[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- To: Mark Litchfield <mark@xxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration
- From: security curmudgeon <jericho@xxxxxxxxxxxxx>
- Date: Tue, 4 Feb 2014 17:01:44 -0600 (CST)
: > : From: Mark Litchfield <mark () securatary com>
: >
: > : As previously stated, I would post an update for Ektron CMS bypassing :
: > the security fix.
: >
: > : A full step by step with the usual screen shots can be found at - :
: > http://www.securatary.com/vulnerabilities
: >
: > Uh... you expect people to login to your site with their Facebook or Twitter
: > credentials, to access these advisories?
:
: Errr no ?? Use the other option ?? And if you don't want to register, don't
: bother !!
Links from /vulnerabilities, directly from advisories off the Research
page, and even "Follow us on Twitter" all drop back to a login page asking
for authentication using either Facebook or Twitter.
This is not the behavior of the site as of 48 hours ago.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/