[kronolith] Security issues in Kronolith
Amit Patel
amitpatel at asite.com
Fri Mar 6 14:10:36 UTC 2009
Hi,
I have been doing penetration testing for Horde Kronolith V3.0
application. I am able to do following in horde.
1) SQL Injection
2) XSS
3) Crawling various pages event robots.txt rules denied all phps
4) Encryption and input validation is not implemented. So able to
alter many inputs
This basic penetration testing rules out security. Are there any
security patches I need to apply in my current application to overcome
these issues or need to take care manually?
Regards,
Amit Patel
Developer
Asite Solutions Pvt. Ltd.
Delivering Data Logistics
http:// <http://www.asite.com/> www.asite.com <http://www.asite.com/>
T +91 (0)79 2687 1002 Extn 5231
E amitpatel at asite.com
M +91 (0)9428107787
More information about the kronolith
mailing list