Noguska Nola 1.1.1 [ Intranet Business Management Software ]

From: sindhiat_private
Date: Tue Jul 02 2002 - 02:07:23 PDT


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    Noguska Nola 1.1.1 [ Intranet Business Management Software ]
    
    .: Software Description :.
    
    - - copied from their site -
    
    Redefining the scope of Enterprise Software
    The NOLA web based software package allows your business to effortlessly reach further than previously thought possible. NOLA provides your company's accounting, inventory, point of sale, contact management, billing, purchasing, and reporting all in one integrated package. NOLA takes e-commerce to the next step, allowing for real time inventory quantity updates. Users are able to do ANYTHING from ANYWHERE.
    
    Rock solid stability
    The NOLA system is built around a secure, open platform. NOLA ships with the Apache Web Server, the most widely used web server in the world. Apache is used to serve more web sites than every other web server combined [1]. Also supplied is the MySQL database engine, a lightning fast SQL server designed for large amounts of data. MySQL is also used by NASA and Yahoo!.
    
    [1] According to the Netcraft Feb 2001 Survey.
    
    - -- snip --
    
    Risks: Very High
    Simplicity: LMAO!!
    
    .: Bug Description :.
    
    It is possible to upload PHP code in files with extensions such as .php4, .phtml, .html, etc. through any upload field in the application.
    The vendor did not think to verify user input.
    
    .: Imagination :.
    
    An attacker can also upload C code and compile it, using PHP as his command-line interpreter. I leave the rest to a malicious imagination.
    
    Sindhi
    
    
    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.1
    Note: This signature can be verified at https://www.hushtools.com
    
    wlsEARECABsFAj0hfpcUHHNpbmRoaUBodXNobWFpbC5jb20ACgkQ9YONtXFfqrAqBQCg
    oaxgP33c486DEkdVvSy2jgSTbjoAoLksRwHfB3rNemZa2O3Z3Pu0yF78
    =uDEv
    -----END PGP SIGNATURE-----
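
One way to close the hole described under "Bug Description", as an added example (not NOLA's code and not part of the original post): accept uploads by extension allow-list, give them a server-generated name, and store them outside the web server's document root. The function names, the allowed-extension list and the storage directory are assumptions.

```php
<?php
// Added example: allow-list validation for an upload field. All names are hypothetical.

const ALLOWED_EXT = ['pdf', 'png', 'jpg', 'csv'];   // assumption: what the business needs

/**
 * Return a server-generated storage name for an upload, or null to reject it.
 * The client-supplied name is used only to read its extension.
 */
function safe_upload_name(string $clientName): ?string
{
    if ($clientName === '' || strpos($clientName, "\0") !== false) {
        return null;
    }
    $base  = basename(str_replace('\\', '/', $clientName));
    $parts = explode('.', strtolower($base));
    // Conservative choice: exactly one extension and a non-empty stem,
    // which also rejects names like "x.php.jpg" and ".htaccess".
    if (count($parts) !== 2 || $parts[0] === '') {
        return null;
    }
    // Allow-list, so .php4, .phtml and .html can never match.
    if (!in_array($parts[1], ALLOWED_EXT, true)) {
        return null;
    }
    return bin2hex(random_bytes(16)) . '.' . $parts[1];
}

/** Move an accepted upload into $storeDir, which must sit outside the document root. */
function store_upload(array $file, string $storeDir): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $name = safe_upload_name((string) ($file['name'] ?? ''));
    if ($name === null || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $dest = rtrim($storeDir, '/') . '/' . $name;
    return move_uploaded_file($file['tmp_name'], $dest) ? $dest : null;
}

// Constructed sample names, including the extensions named in the advisory.
if (PHP_SAPI === 'cli') {
    foreach (['invoice.pdf', 'report.php4', 'page.phtml', 'index.html', 'x.php.jpg', '.htaccess'] as $n) {
        printf("%-12s %s\n", $n, safe_upload_name($n) === null ? 'rejected' : 'accepted');
    }
}
```

Run from the command line, only `invoice.pdf` is accepted; in a request handler, pass one entry of `$_FILES` to `store_upload()`.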
    
    
    



    This archive was generated by hypermail 2b30 : Tue Jul 02 2002 - 14:50:19 PDT