|
Full Disclosure
mailing list archives
WWW.EEM.PT - Consultation Request Encoding Flaw
From: Hacxx Under <hacxx20 () gmail com>
Date: Tue, 11 Oct 2011 15:08:45 +0100
A flaw exists in WWW.EEM.PT Consultation Request. The Consultation
Request is used for client notification aswell as client registration.
URL: http://eemnet.eem.pt/DesktopDefault.aspx?context=search_requests
Alphanumeric example: LL54949
In the example the request is 54949 and the two random letters are LL.
Since the two random letters is the password, there are only 729
possible combinations...
-----
Last Disclosure on my behalf - HACXX
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- WWW.EEM.PT - Consultation Request Encoding Flaw Hacxx Under (Oct 11)
| 
