<div dir="ltr">For $250 they got about what they paid for.  <br></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jun 8, 2017 at 6:42 AM, DJ-Pfulio <span dir="ltr">&lt;<a href="mailto:DJPfulio@jdpfu.com" target="_blank">DJPfulio@jdpfu.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Of the 17 commissioned projects by Tripwire (a security firm), 10<br>
websites were completed and purchased.<br>
<br>
The researchers found that every website had critical security failures.<br>
Read more here:<br>
<br>
<a href="https://www.helpnetsecurity.com/2017/06/08/website-security/" rel="noreferrer" target="_blank">https://www.helpnetsecurity.<wbr>com/2017/06/08/website-<wbr>security/</a><br>
<br>
* Unauthorized users allowed (all) - Check<br>
* Allowed hackers to upload a PHP webshell (all) - Check<br>
* Allowed auth bypass via SQL injection (several) - Check<br>
* Allowed content modification via SQL injection (half) - Check<br>
<br>
Short, but interesting read.<br>
______________________________<wbr>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo</a><br>
</blockquote></div><br></div>