You could probably d/l fiddler2 (http://www.fiddler2.com/fiddler2/) and use that to do whatever injections are needed. This app also works with any browser that supports proxies and even works remotely.
On Jan 19, 7:38 am, Pyrite <[email protected]> wrote: > Is there a way to test this CVE without Firefox? I do not have the > option of Firefox at work. Only IE7. > > On Jan 16, 4:14 pm, Gwoo <[email protected]> wrote: > > > After the release of 1.2 Final, we received a lot of attention. Some > > of this came in the form of a security concern. The issue could affect > > sites relying on the AuthComponent for user authentication, without > > the use of the SecurityComponent. Essentially, an attacker may be able > > to obtain credentials as the first user of the system. If you are > > interested in testing your site, you can use the SQL Inject Me plugin > > for Firefox[1] > > > Along with several other bugs, this issue was fixed in the recently > > released CakePHP 1.2.1.8004 Stable. We highly recommend that users > > upgrade to this release. > > > A big thank you for all those who report these issues to us and allow > > us to fix them. > > > Bake on, > > CakePHP team > > > [1]https://addons.mozilla.org/en-US/firefox/addon/7597 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
