One of our security researchers just happened to stumble across this interesting Highscores area of a free Flash skeet shooting game. Notice scores 6-10. Now I'm not saying he had anything to do with this. What I am saying is that if your query parameters are able to be manipulated, some hacker will mess up your application just to see if he can. And if that part of the site is insecure, what else is?
Posted
05-29-2009 5:49 PM
by
mark.painter