-
-
@attritionorg@mroytman@raesene that's why I suspect any GET /?id=<XSS> attempt to be counting. -
-
@attritionorg@mroytman@raesene that's why I'm curious what sig or indicators the stat comes from. -
@jjarmoc@mroytman@raesene@sushidude and analysis more complex. found a pafiledb 3.1 download. can abstract out per vuln PHP file... -
@jjarmoc@mroytman@raesene@sushidude so after a full audit, not counting a problematic 2004-04-27 disclosure...pic.twitter.com/5BQW2gr7ku
-
@jjarmoc@mroytman@raesene@sushidude with that, the report is really in question. 'pafiledb.php' isn't *1* vuln at all. it's 12 or 13!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.