The same thing as the CCbill, CEO has denied that their portal has been hacked/
had SQL injection vulnerabilities.
- MG
Message written by w0lf on 2011-05-07, at 11:53:
Hi
The company CEO denies the attack, claims that the images posted are fake :)
@Shinnok
We have informed IBM about vulnerabilities in
http://www.ibm.com/developerworks/
http://publib.boulder.ibm.com
http://www.ibm.com (mustlive discovery) ,
Over 7 months ago, they did not take it seriously.
regards,
Maciej Gojny
Message written by Shinnok on 2011-01-09, at
hello FULL DISCLOSURE!
We have found nice story about our previous ccbill advisory:
http://gfy.com/showthread.php?t=982701page=2
CCBILL CEO Ron C has written:
This report was a complete joke. This was just a variation of a Nigerian scam.
We contacted the website and they responded via GMAIL
hello full disclosure!
After six months from the first contact with Adobe security team, important
adobe.com subdomain is still vulnerable to SQL injection attacks. We hope that
this time, serious people will try to solve the problem.
proof: http://blog.ariko-security.com/
regards,
Hello Full Disclosure !
Today I have found next SQL injection in facebook.com
Details:
http://blog.ariko-security.com/?p=82
Full advisory will be released soon!
Regards,
Maciej Gojny
Ariko-Security
Rynek Glowny 12
32-600 Oswiecim
tel:. +48 33 4741511 mobile: +48 784086818
(Mo-Fr 10.00
.
Can't wait to see The Register report about this.
2010/11/30 Maciej Gojny v...@ariko-security.com
Hello Full Disclosure !
Today I have found next SQL injection in facebook.com
Details:
http://blog.ariko-security.com/?p=82
Full advisory will be released soon!
Regards,
Maciej Gojny
as finding a SQL injection in
facebook.com's actual code. Apps are not run by facebook, so it's
unsurprising that some random app would have a SQL injection
vulnerability.
~reed
On Wed, 1 Dec 2010 00:51:35 +0100
Maciej Gojny v...@ariko-security.com wrote:
Benji@
I don't understand You, I
:
# Input validation of all vulnerable parameters should be corrected.
Credit:
# Discovered By: Maciej Gojny / Ariko-Security 2010
Advisory:
# http://advisories.ariko-security.com/november/audyt_bezpieczenstwa_745.html
Ariko-Security Sp. z o.o.
Rynek Glowny 12
32-600 Oswiecim
tel:. +48 33 4741511
(Mo-Fr 10.00-20.00 CET)
Ariko-Security
Maciej Gojny
v...@ariko-security.com
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
be corrected.
Vulnerabilities:
# http://[site]/page.php?page_id=139[SQLi]
Credit:
# Discovered By: MG
# Advisory: http://www.ariko-security.com/mar2010/ad526.html
# Contacts: support[-at-]ariko-security.com
Ariko-Security
Maciej Gojny
v...@ariko-security.com
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET
By: MG
# Website: http://www.ariko-security.com/mar2010/ad519.html
# Contacts: support[-at-]ariko-security.com
Ariko-Security
Maciej Gojny
v...@ariko-security.com
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET)
.
Vulnerability:
# http://[site]/download.php?s=[SQLi]id=2324
Credit:
# Discovered By: MG
# Website: http://Ariko-security.com
# Contacts: support[-at-]ariko-security.com
Ariko-Security
Maciej Gojny
v...@ariko-security.com
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET
# Title: [SQL injection vulnerability in Amelia CMS]
# Date: [10.02.2010]
# Author: [Ariko-Security]
# Software Link: [http://www.ameliadesign.eu/]
# Version: [ALL]
# Tested on: [freebsd / ubuntu]
{ Ariko-Security - Advisory #3/2/2010 } =
SQL injection
# Exploit Title: [Pogodny CMS SQL injection]
# Date: [08.02.2010]
# Author: [Ariko-Security]
# Software Link: [http://www.cms.michalin.pl/moduly/pogodny/]
# Version: [ALL]
# Tested on: [freebsd / ubuntu]
{ Ariko-Security - Advisory #2/2/2010 } =
SQL injection
{ Ariko-Security - Advisory #1/2/2010 } =
SQL injection vulnerability in apemCMS
Vendor's Description of Software:
# http://apem.com.pl/?sc=oferta
Dork:
#Powered by apemCMS
Application Info:
# Name: apemCMS
# Versions: ALL
Vulnerability Info:
# Type: SQL