Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security

Submission + - Sears.com Squelches Web Programming Blunder (foxnews.com)

blitzkrieg3 writes: Earlier today someone made public a trivial exploit on the Sears.com website. Sears was storing page paramaters from the client editable url into the catagory of the page, leading to some pretty funny results. Once the catagories were loaded into the cache, every subsequent hit would pull up the same user submitted catagories, even without any page paramaters. TMZ and Fox News have their own reports. Reddit has since been forced to take the post off of their front page by their parent Conde Nast, but the page can still be accessed via permalink.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Sears.com Squelches Web Programming Blunder

Comments Filter:

The most difficult thing in the world is to know how to do a thing and to watch someone else doing it wrong, without commenting. -- T.H. White

Working...