Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] file upload widgets in IE and Firefox have issues
From: Michel Lemay (mlemaycoveo.com)
Date: Wed Jun 07 2006 - 08:43:47 CDT
Would it be possible to use a similar technique to generate an URL with
query parameters containing user keystrokes? This URL could then be
submitted to any compromised website. The attacker could then look into
logs and have a peek at theses submitted requests.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/