A flaw exists in PHProxy 0.5b2 hotlinking feature which allow anyone using some coding to link to proxified pages. By default hotlinking is active to prevent users from retrieving pages directly from the proxy requiring them to use the form. This can be easily bypassed. This is the same type of vulnerability found on Glype 1.4.4. Other webproxies may be vulnerable too...
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment