As previously stated, I would post an update for Ektron CMS bypassing
the security fix.
A full step by step with the usual screen shots can be found at -
http://www.securatary.com/vulnerabilities
In this example, we use www.paypal-forward.com as a demonstration site.
I would like to say that PayPal fixed this issue with their own
workaround extremely quickly. Excellent work by their security / dev team.
All the best
Mark Litchfield
www.securatary.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/