Cenzic 232 Patent
sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
This is a place for us to start seriously talking about vendors. Who's great, who's not, what's it cost, how does it relate to their competitors and would we buy it? A place to talk about snakeoil, and brilliant products alike. Marketing fluff is forbidden. 

Current Page: 1 of 1
Results 1 - 2 of 2
5 years ago
Kellanved
The scanner is correct (probably the first time ever for that to happen); with IE6 this is a potential XSS. Visit <yourfile>.php?input=<script>alert('heh');</script> with IE6; click cancel, click reload (or visit the page again) - XSS.
Forum: XSS Info
5 years ago
Kellanved
I can confirm that they indeed harvest changelogs; usually we (phpBB) get a request to explain all changelog entries marked as "Sec". In the case linked above the credit is correct; Secunia and Securityfocus used the credit from the changelog. What I found more troublesome was the rather high "security" score assigned to such - usually rather minor - issues. The "less&
Forum: Vendor Talk