[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Fwd: Security Access

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Fwd: Security Access
From: Pedrov Jovovic <pedrov.jovovic@xxxxxxxxx>
Date: Fri, 12 Sep 2014 08:25:42 +0300

Hello This is my first post .

Here are the details :

Website : http://www.comguard.net/    - (Security Expoerts)
I already sent them 2 emails and i didn't get a reply. The Security bug is
really simple , i was able to get to this link
http://www.comguard.net/include/  which lists all the files in the server.
You can even download php files containing sensitive data including db
password. Let me know if you need any additional details

Regards

---------- Forwarded message ----------
From: Fyodor <fyodor@xxxxxxxx>
Date: Fri, Sep 12, 2014 at 1:12 AM
Subject: Re: Security Access
To: Pedrov Jovovic <pedrov.jovovic@xxxxxxxxx>

On Tue, Aug 19, 2014 at 9:36 PM, Pedrov Jovovic <pedrov.jovovic@xxxxxxxxx>
wrote:

> Hello , i found a security issue in www.comguard.net. I already send them
> 2 email and would like to disclose the information through your website is
> that ok?
>

Yes, you can mail details to the fulldisclosure list.

Cheers,
Fyodor

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] Fwd: Security Access
  - From: Fernando Mercês
- Re: [FD] Fwd: Security Access
  - From: Артур Истомин

Prev by Date: [FD] NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability
Next by Date: [FD] Rooted SSH/SFTP Daemon Default Login Credentials
Previous by thread: [FD] NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability
Next by thread: Re: [FD] Fwd: Security Access
Index(es):
- Date
- Thread