2 posts • joined Wednesday 12th November 2008 23:34 GMT
The only way they would have admin privileges is
A)the form was using GET instead of POST. The username and password fields would be presented to the Google Bug as part of the URL.
B) The session ID was part of the URL instead of a cookie.
C) They hacked the site via their Google Bug.
I hate the web installers that detect you have a proxy, but then don't prompt you to enter your credentials. If they cannot get this to work, then I guess getting the actual app to work behind a firewall will be an epic fail too,
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones
- Shivering boffins nail Earth's coldest spot
- Exploits no more! Firefox 26 blocks all Java plugins by default