
OK, who was it?


    Coding shonky websites again....

    THREE MILLION Moonpig accounts exposed by flaw
    "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

    #2
    Having worked there previously, I probably know the person. Not me though.



      #3
      It's a good one, only improved when somebody discovered that it also works over HTTP (no S) and without the Basic Authorization header



        #4
        The architecture is bad, but the decision to ignore the warnings is downright gross negligence.



          #5
          First thing I check on any site that sticks a customer or orderId in the querystring. eek's choccie site passed the mudskipper security check. So does CUK



            #6
            God, that's diabolical - It's bad enough having the problem in the first place, but once they knew of it then not bothering to fix it for months is incompetence beyond belief.
            Work in the public sector? Read the IR35 FAQ here
