How about some weak e.g. HTTP header based authentication? I don't recall what is in there at the moment, I think there referer manipulation to bypass something. If not please add that :-D
Jim On 25 April 2010 13:10, Adrian Crenshaw <[email protected]> wrote: > I'm about to do an update on Mutillidae, since the OWASP Top 10 for 2010 is > out now. Any requests for changes/additions? > http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 > > Thanks, > Adrian > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
