Shouts to the websites that provide ranking for e-Commerce websites in India ;))
Additional shouts to people who tell me, how their "website security" budget is cramped, but they can do endless meetings, interviews and documentation work for compliance, year on year! :)
#############################################
# Website: www.homeshop18.com
# Date: 05.12.2012
# Bug: Cookie Manipulation / Bad authentication
############################################
Trust me when I say your website is the most visible and targetted
asset in your whole infrastructure. It represents your brand image and
everything your company stands for on the Internet. One mistake like this can cost
a business - customers and sales...
Homeshop18 website suffers a few vulnerabilities namely path
disclosure & user authentication cookies being insecure... If the
cookies can be manipulated on the client side a user's data can be
compromised which will lead to a security incident...
Kindly make amends and work on fixing the vulnerability within 48 hours,
this information has been released with public awareness & safety
in mind.
Cheers,
Kish
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment