The CVE-2013-5956 has been assigned for this vulnerability.
Best Regards.
On Saturday, March 15, 2014 2:07 PM, Mahmoud Ghorbanzadeh md...@yahoo.com
wrote:
Hello,
Cross-site
scripting (XSS) vulnerability in the Youtube Gallery 3.4.0 component for
Joomla! allows remote attackers to inject
#!/opt/perl5/bin/perl -w
# HP-UX rlpdaemon local exploit
# Bulletin HPSBUX0111-176 (November 2001)
#
# For use only on machines where you have legitimate root.
# This attempts to add junk (including localhost +) to /.rhosts.
# Obvious variants could include /etc/passwd.
use IO::Socket;
$PORT =
Some of the replies in this thread are very unfair to the original poster.
I have read the news story and have thoroughly read the proof of concepts which
in my opinion indicate that this is surely a security vulnerability. I have
worked for Lumension as a security consultant for more than
Gynvael Coldwind,
What Alfred has reiterated is that this is a security vulnerability
irrelevantly of whether it qualifies for credit.
It is an unusual one, but still a security vulnerability. Anyone who says
otherwise is blind, has little or no experience in hands on security, or either
Hello... I am an IT security expert for the Emirates National Oil Company. Google is my favourite search engine by far. Now I just read the report about the unrestricted upload issue and I think that the author is right that it is a securityproblem.This is a vulnerability because file name
I signed onto this mailing list as an interested person in security - not to
see everyone moan. We will all have differences in opinion and we should all
respect that. This goes for everyone and I feel I speak for a lot of people
here, everyone needs to grow up, and shut up.
Email scanned
Hello,
I am a security professional and risk manager in UAE. I support that the remote
file upload on YouTube is a vulnerability, and I am sure about this. Not the
slightest doubts...
There is a different between a vulnerability and an exploit. The vulnerability
here is the lack of any file
Is this treated with the same way that says that Remote File Inclusion is not a
security issue ?
You don't follow? Implying ?
I understand why nobody likes Google. If I 've found a vulnerability and been
treated like that for trying to help, I would rather sell it to the black
market or to
The thread read Google vulnerabilities with PoC. From my understanding it was
a RFI vulnerability on YouTube, and I voiced my support that this is a
vulnerability.
I also explained a JSON Hijacking case as a follow up, and you said you didn't
follow. So I am just saying that treating
LOL. boy oh boy you would have HATED the N3td3v years then...
I'm sure your delete key works doesn't it?
From: Full-Disclosure [mailto:full-disclosure-boun...@lists.grok.org.uk] On
Behalf Of Thomas Williams
Sent: Saturday, March 15, 2014 10:44 AM
To: Mario Vilas
Cc:
10 matches
Mail list logo