Jim: If you count the cookie headers, I have a weakness in there for that. Matt: Looking up Connection String Parameter Pollution. Thanks, Adrian
On Mon, Apr 26, 2010 at 8:37 AM, Jim Halfpenny <[email protected]>wrote: > How about some weak e.g. HTTP header based authentication? I don't > recall what is in there at the moment, I think there referer > manipulation to bypass something. If not please add that :-D > > Jim > > On 25 April 2010 13:10, Adrian Crenshaw <[email protected]> wrote: > > I'm about to do an update on Mutillidae, since the OWASP Top 10 for 2010 > is > > out now. Any requests for changes/additions? > > > http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 > > > > Thanks, > > Adrian > > > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
