
user friendly

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts

Description
***********

FluxBB is a free open source forum application designed to be fast, light
and user friendly. Version 1.3 of FluxBB, currently under development, adds
a powerful extension system.


Details
*******

Re: Standing Up Against German Laws - Project HayNeedle

Enigma for Thunderbird. Encrypt IM conversations with OTR, and via
other ways pro-actively protect one's own privacy. That is a real
structural solution. Don't blame others for not using an envelope around
your own communication.

For pointers on how to obtain more privacy via userfriendly software,
see: http://chameleon.spaink.net/PTT.pdf

Paul



Re: [Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication

Firefox; the same person would be likely to give out his password to:

   prompt("Please enter your password for foocorp.com (certified by Verisign)")'.

...simply because a systemic failure of browser vendors to provide 
user-friendly security signaling and UI behavior (along the lines of: "as 
far as we're concerned, any person with no understanding of SSL, HTTP, and 
DNS had it coming and should die in a fire").

Just my $.02 (and with the exchange rates today, that's not a whole lot!),
/mz

JAHx102 - HuskiCMS local file inclusion

20100205 - Justanotherhacker.com : HuskiCMS local file inclusion
JAHx102 - http://www.justanotherhacker.com/advisories/JAHx102.txt
--------------------------------------------------------------------------------------------

HuskiCMS
huski CMS effectively places the control of the website back into the hands of you, the site owner. huski CMS is extremely user friendly and has been developed with the lowest denominator in IT knowledge in mind. huski CMS is still a very powerful and flexible system which ensures your site is using the latest technologies such as AJAX, XML, XHTML, and CSS
[ Taken from: http://www.huskicms.com ]


--- Vulnerability description ---
A conditional local file inclusion exists in the image resizing script size.php's i parameter.

[ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability

version : <= 1.0
Vendor : http://www.preproject.com/news.asp
Description :

Pre News Manager is online news publishing system. Very easy to manage and integration.
Powerful online news management system with user friendly control panel. Include news
box to any where in your website and integrate news manager in only one step.
Upload latest news with images and advertisements. Include HEADLINES page to any
where in your website and news will automatically updated to that page.
Subscribe for latest and breaking news. Submit articles, news latest stories and many more.
Add your own news categories. Also can be use for private news website.

Asbru Web Content Management Vulnerabilities

 Asbru Software - Asbru Web Content Management
 http://www.asbrusoft.com/

 "Ready to use, full-featured, database-driven web content management system
  (CMS) with integrated community, databases, e-commerce and statistics modules
  for creating, publishing and managing rich and user-friendly Internet,
  Extranet and Intranet websites."

Versions tested:
 6.5 and 6.6.9 have been confirmed as vulnerable in the ASP release.

Re: [Full-disclosure] Yet another Dialog Spoofing Vulnerability - Firefox Basic Authentication

> Firefox; the same person would be likely to give out his password to:
>
>   prompt("Please enter your password for foocorp.com (certified by Verisign)")'.
>
> ...simply because a systemic failure of browser vendors to provide
> user-friendly security signaling and UI behavior (along the lines of: "as
> far as we're concerned, any person with no understanding of SSL, HTTP, and
> DNS had it coming and should die in a fire").
>

Actually, the prompt is not a good example, as FireFox does show the



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.