Re: [Full-disclosure] [WEB SECURITY] Plain Old Webserver - The coolest firefox extension
- From: "Giorgio Fedon" <giorgio.fedon@xxxxxxxxx>
- Date: Mon, 12 Feb 2007 21:54:28 +0100
I thing that there is an implicit joke in the previous post...
"..././..././..././..././"
how can't you love funsec?
path = str_replace('../', '', path);
Becomes "../../../../" again...
GF _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Prev by Date: Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?
- Next by Date: [Full-disclosure] SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000).
- Previous by thread: Re: [Full-disclosure] [WEB SECURITY] Plain Old Webserver - The coolest firefox extension
- Next by thread: Re: [Full-disclosure] [WEB SECURITY] Plain Old Webserver - The coolest firefox extension
- Index(es):
Relevant Pages
|
|
