Small correction regarding the time line of this disclosure:
[Time-line]
14/11/2011 - Vendor notified
2/12/2011 - Vendor response
??? - Vendor patch release
30/11/2011 - Public disclosure
Cheers, @drk1wi
___
Full-Disclosure - We believe in it.
Correction or not correction, this VoxSmart tool just sucks.
How come they are vulnerable to auth bypass with or 1=1--???
Hey, we're in 2012 (almost)...wake up
ahaha
Cheers
antisnatchor
On Fri, Dec 2, 2011 at 10:58 AM, Piotr Duszynski pi...@duszynski.eu wrote:
Small correction regarding
===
VoxRecord Control Centre - version 2.7 Blind SQLi and auth. bypass
===
Affected Software : Voxsmart - VoxRecord Control Centre v. 2.7
Severity :