Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 

Current Page: 1 of 1
Results 1 - 2 of 2
5 years ago
system_meltdown
Hello sla.ckers :) I found an 0day exploit in MagpieRSS, a PHP based RSS reader, there has been a few found before, but this is something completely different. To get this to work, you need to have a website set up, or a home computer running Apache. Basically, when MagpieRSS parses the XML tags, anything inside the CDATA tags are not escaped, using htmlentities() or any other form of esc
Forum: Full Disclosure
7 years ago
system_meltdown
I'm pretty sure this is likely to be a fake error that's getting spat out, but I'll post it anyway: http://sla.ckers.org/forum/pm.php?2,page=send,message_id='OR'1'='1 Not sure if this has been posted before... ~system
Forum: SQL and Code Injection
Current Page: 1 of 1