Community Blog

CSRF vulnerability in GMail service (pt_BR)

March 3, 2009

Dear all, a flaw in Gmail that borders on the ridiculous has been posted to Full Disclosure. Using CSRF (Cross Site Request Forgery), the flaw lets you "modify the password" of the Gmail account of the user to whom you send the site with the parameters in it. * To make it clearer, the problem is a CSRF (Cross Site […]

CSRF vulnerability in GMail service

March 3, 2009

Gmail has a CSRF vulnerability that is very easy to exploit. Since it is easy to exploit, we would like our customers to take care until Google/Gmail fixes it. * Remember that CSRF isn't a problem by itself. The problem is that the CSRF allows a brute force attack. IV. PROOF OF CONCEPT ————————- 1. An […]

Update: N-Stalker Scanner 2009 build 198 is available

February 27, 2009

N-Stalker has made available for automatic update its latest build of N-Stalker Web Application Security Scanner 2009 (build 198). This version includes enhancements and fixes, including: fixed a crash while dealing with uncommon JavaScript/DOM functions; fixed problems with automatic update; minor adjustments. How to Upgrade: Automatically (Commercial and Free version users): Please fire up our automatic […]
