Hall of Fame


Javascript1 System Call Vuln
Gizmore found a vulnerability in the javascript1 challenge allowing him to send system calls to the call_user_func using backticks. The vulnerability had the potential to be very unpleasant, so thanks gizmore. This issue has now been repaired with proper whitelists.
  
Credit to gizmore for 15 points on Jan 21 2012 23:22:47.