Major Security Hole Discovered
I have discovered a major security hole in this site. When you upload files to the blog (image and html files) I am able to upload and host html files with javascript links. This hole is too lame to be called cross site scripting (XSS). It is really just a gaping hole. I can give you a proof of concept if you like.
I bet you a lifetime supply of supplements that I can get bodybuilding.com account holders to browse to a page hosted on your site and then use ajax methods to modify/delete their body stats without their knowledge.
Is anyone in charge of this mess? Seems like ever since this site came under new ownership (Liberty Media) there have been a never ending list of problems. Did you guys outsource your programmers to India to save money?
Articulos relacionados
Fatal error: Call to undefined function related_posts() in /home/creatine/public_html/wp-content/themes/business-blue-20/single.php on line 22