Full Disclosure mailing list archives
Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
From: Scott Herbert <scott.a.herbert () googlemail com>
Date: Tue, 2 Oct 2012 17:08:56 +0100
At the time I thought this was the "correct" way to report things. I've since stopped spamming them with every little hole I find. I couldn't find a n00b's guide to reporting, so I'm making it up as I go along. If there is a guide online somewhere I'd 1) love to read it and 2) think it should be better publicised.
-----Original Message----- Why did you report this to UKCERT?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert (Oct 02)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Benji (Oct 02)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert (Oct 02)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo (Oct 08)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert (Oct 08)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Malte Müller (Oct 10)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Scott Herbert (Oct 08)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Henri Salo (Oct 11)
- Re: Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 Benji (Oct 02)