|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] Re: HTTP Response Splitting and SQL injection in megabbs forum
From: PD9 Software (info
pd9soft.com)
Date: Sun Sep 26 2004 - 13:50:50 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
pigrelax wrote:
>URL: http://www.pd9soft.com
>Tested megabbs 2.1
>
>1. HTTP Response Splitting
>2. HTTP Response Splitting
>3. More and more SQL injection:
>
All three issues have been addressed, and updates have been posted at
http://www.pd9soft.com/. Thank you for bringing them to my attention.
However in the future, would it be too much to ask that I am contacted
first? I am very eager to fix any security vulnerabilities, but sipping
coffee on a lazy Sunday afternoon and seeing this broadcast to a public
list is a little disconcerting.
Thanks,
Matt Summers
PD9 Software, Inc
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]