Full Disclosure: Re: XSS and CS vulnerabilities in aCMS

Nmap Security Scanner
- Intro
- Ref Guide
- Install Guide
- Download
- Changelog
- Book
- Docs
Security Lists
- Nmap Hackers
- Nmap Dev
- Bugtraq
- Full Disclosure
- Pen Test
- Basics
- More
Security Tools
Site News
Advertising
About/Contact
Sponsors:

Re: XSS and CS vulnerabilities in aCMS

From: Henri Salo <henri () nerv fi>
Date: Thu, 1 Aug 2013 17:41:41 +0300

On Thu, Aug 01, 2013 at 04:11:31PM +0300, MustLive wrote:

------------
Timeline:
------------

2013.03.04 - informed developers about part of the vulnerabilities.
2013.04.03 - informed developers about another part of the vulnerabilities.
2013.04.07 - informed developers about another part of the vulnerabilities.
2013.05.24 - announced at my site.
2013.05.25 - informed developers about another part of the vulnerabilities.
2013.05.26 - informed developers about another part of the
vulnerabilities. In all cases the developers just ignored all
messages via different e-mails and contact form.
2013.07.31 - disclosed at my site (http://websecurity.com.ua/6535/).


How did vendor ignore you in 2013.05.26 entry exactly?

---
Henri Salo

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

XSS and CS vulnerabilities in aCMS MustLive (Aug 01)
- Re: XSS and CS vulnerabilities in aCMS Henri Salo (Aug 01)