[Full-disclosure] BitDefender | World Wide Pay - SQL Injection / LFI / XSS
schap.security at gmail.com
Tue Jun 2 21:29:55 BST 2009
The bit defender sql injection is re stated again. A severe sql injection
has been noticed in the bitdefender [ir] website. It
is possible to extract all records from the system.
The world wide pay website suffers from local file inclusion and cross site
For proof of concept:
There vulnerabilities are reported but no generic response from vendor.
-------------- next part --------------
An HTML attachment was scrubbed...
Full-Disclosure is hosted and sponsored by Secunia.