Web Security
4 posts filed here.
Posts
-
B-Uggs
Title: That's uggzactly what I thought! TLDR; ugg.com orders could be enumerated from just the orderid which was an incrementing number. Any order that was not already dispatched could be cancelled,...
-
Joomla 2.51 Blind SQL Attack
<responsible_disclosure> Before I discuss this, let me just say that the bug has been patched (was in 2.5.1) and at the time of writing this Joomla is already 2 increments away - 2.5.3 is currently...
-
VMWare User Information Leak
Click here to search the VMWare user database! So last week some time Chris Hadnagy linked me to the following URL: http://info.vmware.com/content/opt-out which was pretty interesting last week. Ba...
-
Persistent XSS: more than a popup :)
So a while ago I asked if I was allowed to play with http://www.bravadogaming.com/ and I got a positive response, I kinda looked around at their custom CMS, didn't see anything immediately available...