UKbanners.com in massive security issue
UKbanners.com, a popular banner exchange system, has found itself at the centre of a massive information leak after accidently posting its customers email addresses, websites and passwords online.
(click to enlarge)
All that anyone has to do to view all this personal information is visit this url – http://ukbanners.com/cgibin/shortfall.cgi
Looks like a massive own goal to leave all this information out in the public. The same security issue also affects their other websites – ukbuttons.com and cheekybanners.com.
Hovering over the username on that page showed their login name and password. Its unbelievable that they would show all this information on a publicly accessible page, but to then store passwords unencrypted is simply bizarre.
With those login details anyone can login and request payments, edit banners etc. Lets see if they fix it before this post goes live (I’m emailing them and warning them this has been published to appear tomorrow, 4th June)
About the Author
2 Responses to “UKbanners.com in massive security issue”
Leave a Reply
FrogsThemes.com Review
Looking for a new WordPress theme to use recently, we thought we’d review ...
5 Beginner SEO Steps and 10 Quality Dofollow Directories
What we want to look at today is something for anyone who has just produced a ne ...
CodeMyConcept.com Review
Since it was time to do another review, we decided this time it would be the tur ...
Yes I saw this – Uradnet banner networks picked up on this also… uradnet.co.uk
Actually – I was wrong – Uradnet mentions that UKBanners emailed their customers back in April with details of a Flash Bannerpromotion. These emails also contained User ID’s and passwords… http://www.uradnet.co.uk/ukbanners.htm