[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] mi2g.com - trivial vulnerabilities
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] mi2g.com - trivial vulnerabilities
- From: <mi2g@xxxxxxxxxxxx>
- Date: Thu, 15 Apr 2004 22:58:00 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Privacy Policy - Security
mi2g provides its users with a secure online experience. To do this,
we use a variety of security measures to maintain the safety and confidentiality
of personal information about you. All user registration information
is stored behind a firewall and only accessible by a limited number of
employees who have special access rights to our systems. If you have
any questions about the security at our web sites, please click here.
....
XSS and Path Disclosure
http://www.mi2g.com/
search box type in:
<script>alert('mi2g is vulnerable');</script>
http://www.mi2g.com/cgi-bin/htsearch
Unable to read word database file '/var/lib/htdig/db.words.db'
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3
wkYEARECAAYFAkB/djAACgkQDVKR24/CWQAo/ACfXjZdCBGSS6caW8sM0gg2NXNzl5YA
njQc51iQAAU9pYCsEAmEsR5YfDsr
=HYLj
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html