Paid Advertising
sla.ckers.org is
ha.ckers
sla.cking
Where you should disclose your vulnerabilities. Go read
RFPolicy
if you want to do responsible disclosure, and go here for when all else fails.
Go to Topic:
Previous
•
Next
Go to:
Forum List
•
Message List
•
New Topic
•
Search
•
Log In
New Paid Web Scanner
Posted by:
PaPPy
Date: September 27, 2011 11:57AM
Came across this service that is offering a service to scan your devices for a fee.
http://www.secpoint.com/cloud-penetrator-web-vulnerability-scanner.html
But I noticed 2 potential problems
First they have an image that includes a remote image.
not sure if this can be exploited
http://www.secpoint.com/thumb.php?img=http://data.xssed.org/images/xssed_logo.gif&h=100&w=150&d=yes
also on the above page it has some PHP code embedded in it
<?php echo $arryNewsTitle[0];?>
maybe could be used on a news page to manipulate something
maybe they should run their scanner across their site first, before selling a service
http://www.xssed.com/archive/author=PaPPy/
Options:
Reply
•
Quote
Re: New Paid Web Scanner
Posted by:
Skyphire
Date: December 13, 2011 05:58AM
Possible to XSS users on MSIE 6/7 within an image.
Options:
Reply
•
Quote
Go to:
Forum List
•
Message List
•
Search
•
Log In
Sorry, only registered users may post in this forum.
Click here to login
