[News] Security hole exposes Tower Records

It seems to be very hard to complete a bug-free and safe e-commerce website.

"The security leak arose out of a programming error in a script called "orderStatus.asp." When customers requested information on their order via the Tower site, the script called up the record, displaying the order number as part of the URL of the resulting page. "

From http://zdnet.com.com/2100-1105-976271.html

 

 

 

 

Top