I know it sounds lame, but getting even a free coffee mug for disclosing an XSS or similar is not bad as far as I am concerned.
But out of curiosity, which companies (eg, ZDI) accept web app bugs? Say, RCE bugs in a bunch of popular web apps or e-commerce applications? Or LFI/Path traversal bugs in other e-commerce/blogging/admin applets? I would love to know! On Fri, Nov 4, 2011 at 9:09 AM, Georgi Guninski <[email protected]>wrote: > On Fri, Nov 04, 2011 at 05:13:07AM +1100, GloW - XD wrote: > > Well, no comment, or comment.... its hard to comment on this one :P > > Although, i will say it is good and encouraging to see more security > > teams atleast offering *something* > > :) > > love the list...oh yea baby oh yea > > > > > the list is not bad, we have celebrity flamers like GNAA themselves here ;) > > i won't be surprised if the list owner (whoever he/she is) sell the list > at good opportunity (like aleph1 ruined bugtraq). > > appears to me secunia gets too much advertisement by injecting > their spam signature for the cost of hosting and sponsoring, > though this is up to the list owner. > > -- > j > > SPAM: vvvvv > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
