Hello list,
Since vendor does not seem to care about this issue more than a year
after initial report (https://jira.atlassian.com/browse/CONF-23985), I
think that is time to share this issue.
-
Affected products:
-
Atlassian Confluence 3.x and 4.x
BTW last vuln' was also fixed during the prequals.
MajinBoo
Le 26/03/12 13:37, Damien Cauquil a écrit :
Hi klondike,
PS: What I wonder now is, are the guys behind the CTF reading
Full-disclosure?
I guess you now have your answer.
The guys have a cool XSS injection on the fake webmail
Advisory
Date2009-10-26
Program squidGuard
URL http://squidguard.org/
Found byMatthieu BOUTHORS
Application description
SquidGuard is a URL redirector used to use blacklists with the proxysoftware
Squid. There are two big
Hello,
shared hosting environnement is not an option if you want to have a secure
website.
majinboo
2009/9/29 Glafkos Charalambous i...@infosec.org.uk
Hello,
Yes at some point you are right but this is not an option most of the
times,
especially when you are on a shared hosting
the security
weakness is on the php.ini and not on the web application.
cheers,
majinboo
2009/9/28 Fernando A. Lagos B. ferna...@zerial.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Exists an call to add_action() without validate with function_exists().
When I run the php script directly, I get