| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <EPEEKFNKMMFGBCKCFAELIEGGCEAA.advisories@northshoreinternet.com.au> From: advisories at northshoreinternet.com.au (North Shore Internet) Subject: [NORTHSHOREINTERNET.COM.AU: #1] amihotornot.com.au vulnerability [NORTHSHOREINTERNET.COM.AU: #1] amihotornot.com.au vulnerability Hello All, This is my first post to bugtraq, Hope its worthwhile. A bug has been found in the amihotornot.com.au gallery that lets a registered user modify other members gallery photo's. Vulnerable Site: http://www.amihotornot.com.au +-[Example:]----------------------------------------------------+ For this to work, you have to be a member yourself, membership is free. http://www.amihotornot.com.au/album/create_pictures.asp?gid=1111 Where 1111 is the ID of the member. All members recorded by amihotornot are assigned an auto-incrementing identifier, This makes it easy to guess an entire range of valid members ID's. +-[Notes:]------------------------------------------------------+ Vulnerabilities found on: 16/02/2005 Administrator (s) informed on: Tried to contact them through the website but the contact script was broken. and no other contact information was provided. Administrator (s) Fix: None as of yet Regards C. Saunders advisories@...thshoreinternet.com.au http://www.northshoreinternet.com.au
Powered by blists - more mailing lists