Security vulnerability?
Results 1 to 3 of 3

Thread: Security vulnerability?

  1. #1
    Member
    Join Date
    Mar 2003
    Posts
    90

    Security vulnerability?

    Hi, guys I have a question.
    It's about this website:
    www.infousa.com
    which is a commercial website selling consumer databases to marketing companies, and if you follow one of those databses links, you are going to be prompted for personal and credit-card information. Well, the problem is that if you use this link
    http://adp.infousa.com/fs/consumer.htm?bas_fssession={bas_fssession}&bas_vendor=%7bbas_vendor%7d&bas_type=FADP&bas_page=1&bas_action=search
    you can actually access the databse for free. I was wondering if this is a security hole? and if yes, what should be done about it?(email webmaster maybe...?)
    Thanks a lot
    \"Great spirits always encounter strong opposition from mediocre minds.\"
    Albert Einstein

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    I think its a free service, and here is why:

    Under the main page http://adp.infousa.com/ on the left side, under Free Services, if you click Find a Person, you get the same thing. Am I right, the address ends up to be slightly difernt but gives me the same results either way.

    If it was/is a security hole you would inform the webmaster of this issue, with the details of your findings. AFAIK, Please corect me anyone if I am wrong.

  3. #3
    Member
    Join Date
    Mar 2003
    Posts
    90
    I think you are right but the thing is that I got to that page from another company's website.
    I googled "for staff use only" and found a link to "helping finding people for over 75 years".When I clicked on it, it lead me to the infousa.com website.
    amazing what anormal searches bring up.
    But thanks a lot
    \"Great spirits always encounter strong opposition from mediocre minds.\"
    Albert Einstein

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •