Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: HTTP Response Splitting and SQL injection in megabbs forum
From: PD9 Software <info () pd9soft com>
Date: Sun, 26 Sep 2004 13:50:50 -0500
pigrelax wrote:
URL: http://www.pd9soft.com Tested megabbs 2.1 
1. HTTP Response Splitting
2. HTTP Response Splitting
3. More and more SQL injection:
All three issues have been addressed, and updates have been posted at http://www.pd9soft.com/. Thank you for bringing them to my attention.
However in the future, would it be too much to ask that I am contacted first? I am very eager to fix any security vulnerabilities, but sipping coffee on a lazy Sunday afternoon and seeing this broadcast to a public list is a little disconcerting. 

Thanks,
Matt Summers
PD9 Software, Inc

  By Date           By Thread  

Current thread:
  • Re: HTTP Response Splitting and SQL injection in megabbs forum PD9 Software (Sep 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]