Sunday, 5 February 2012

Who want's an 0day for e107? ;)

Advisory in progress... :)

*Update - 14.02.2012*
Scenario of attack : registered user can add content to e107.
In this case, we can get two situations: sql injection and/or xss.

Still in progress (because of other projects, sorry ;))

To be continued...

No comments:

Post a Comment

What do You think...?