Security vulnerability?

Printable View

June 7th, 2003, 03:56 AM
vercetti

Security vulnerability?

Hi, guys I have a question.
It's about this website:
www.infousa.com
which is a commercial website selling consumer databases to marketing companies, and if you follow one of those databses links, you are going to be prompted for personal and credit-card information. Well, the problem is that if you use this link
http://adp.infousa.com/fs/consumer.htm?bas_fssession={bas_fssession}&bas_vendor=%7bbas_vendor%7d&bas_type=FADP&bas_page=1&bas_action=search
you can actually access the databse for free. I was wondering if this is a security hole? and if yes, what should be done about it?(email webmaster maybe...?)
Thanks a lot
June 7th, 2003, 07:22 AM
journy101

I think its a free service, and here is why:

Under the main page http://adp.infousa.com/ on the left side, under Free Services, if you click Find a Person, you get the same thing. Am I right, the address ends up to be slightly difernt but gives me the same results either way.

If it was/is a security hole you would inform the webmaster of this issue, with the details of your findings. AFAIK, Please corect me anyone if I am wrong.
June 7th, 2003, 05:41 PM
vercetti

I think you are right but the thing is that I got to that page from another company's website.
I googled "for staff use only" and found a link to "helping finding people for over 75 years".When I clicked on it, it lead me to the infousa.com website.
amazing what anormal searches bring up.
But thanks a lot

All times are GMT +1. The time now is 12:50 PM.