hi folks, This is OT here but you guys need to be awared immedaitely. I am not sure Nepal has any security forums.
0-day attacks, mainly Injection, are in widespread and some of the well-known hosting company to high profile sites are under serious threat. It seems to me a leak in industry backed defensive measure against XSS / SQL Injection. Once again the mitigation for Injection vulnerabilities need a serious revisit. It might be offending to post here but for the sake of awareness, i want you guys to get alert the concern authority and make sure they patched the leaks along with removing the existed injected codes (javascript / remote code). Check (As in context to Nepalese Site) http://www.google.com/search?num=100&hl=en&q=%22%3Cscript+src-%22http%3A%2F%2Fwww.nihaorr1.com%22+nepal&btnG=Search http://www.google.com/search?num=100&hl=en&q=%22%3Cscript+src%3Dhttp%3A%2F%2Fwww.aspder.com%22+nepal&btnG=Search http://www.google.com/search?hl=en&q=%22%3Cscript+src-%22http%3A%2F%2Fwww.nmidahena.com%22&btnG=Google+Search&aq=f I have a IDS running here and i need to find out the exact payloads. If you have the payloads and can replay share with me. -- Sarose --~--~---------~--~----~------------~-------~--~----~ FOSS Nepal mailing list: [email protected] http://groups.google.com/group/foss-nepal To unsubscribe, e-mail: [EMAIL PROTECTED] Community website: http://www.fossnepal.org/ -~----------~----~----~----~------~----~------~--~---
