MyBB 1.6 <= Cross Site Scripting (XSS) Vulnerability
1. OVERVIEW
MyBB was vulnerable to Cross Site Scripting Vulnerability.
2. APPLICATION DESCRIPTION
MyBB is a free bulletin board system software packa
Concurred. No file format is as obnoxious as SWF.
However, with the debut of HTML 5, we're finding that video is being offloaded
to and open codecs are being integrated into browsers. Further, HTML
5's media capabilities are making flash cumbersome.
Try disabling flash extension on Firefox and
"Personally, I kind of like Flash. It gives me a single kill switch for
90% of the useless blinking crap and popups on the internet. Flash is a
really appropriate name for exactly what I don't want to see on a web
page. I hope it remains the platform of choice for those who develop
such things." -
On 12/18/2010 05:30 PM, Victor Rigo wrote:
> Let's see, flash is:
>
> - Cross-platform
> - Cross-architecture
> - Has it's own programming language
> - Is embedded on websites
> - Access to javascript to popup, local caches, etc.
Not on my machine?
> It's not ineptness, it's what you get when you
On Sun, Dec 19, 2010 at 3:04 PM, Pavel Kankovsky
wrote:
> On Sat, 18 Dec 2010, Victor Rigo wrote:
>
>> It's not ineptness, it's what you get when you right software that can
>> actually do stuff.
>
> The bad news is security's made of the stuff one CAN'T do.
:)
___
On Sat, 18 Dec 2010, Victor Rigo wrote:
> It's not ineptness, it's what you get when you right software that can
> actually do stuff.
The bad news is security's made of the stuff one CAN'T do.
--
Pavel Kankovsky aka Peak / Jeremiah 9:21\
"For death is come up in
On Sat, Dec 18, 2010 at 6:30 PM, Victor Rigo wrote:
> Let's see, flash is:
>
> - Cross-platform
> - Cross-architecture
> - Has it's own programming language
> - Is embedded on websites
> - Access to javascript to popup, local caches, etc.
>
* Insecure (Adobe's implementation)
> It's not ine
Quite interesting. It was one of those those things I just assumed was part of
the build process. Thanks for the app and info.
t
Sent from my Windows Phone emulator.
From: Craig Heffner
Sent: Sunday, December 19, 2010 10:03 AM
To: Thor (Hammer of God)
Cc: full-d
Yet Flashblock has 10 million downloads
On Sat, Dec 18, 2010 at 8:30 PM, Victor Rigo wrote:
> Let's see, flash is:
>
> - Cross-platform
> - Cross-architecture
> - Has it's own programming language
> - Is embedded on websites
> - Access to javascript to popup, local caches, etc.
>
> It's not inep
These manufacturers use the same key on each of their models? That seems
ridiculous to me...
T
From: Craig Heffner
Sent: Sunday, December 19, 2010 5:56 AM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Default SSL Keys in Multiple Routers
Many r
Let's see, flash is:
- Cross-platform
- Cross-architecture
- Has it's own programming language
- Is embedded on websites
- Access to javascript to popup, local caches, etc.
It's not ineptness, it's what you get when you right software that can actually
do stuff.
If Java applets were still the h
Many routers that provide an HTTPS administrative interface use default or
hard-coded SSL keys that can be recovered by extracting the file system from
the device's firmware.
The LittleBlackBox project contains a database of over 2,000 (and growing)
private SSL keys that are correlated with their
12 matches
Mail list logo