1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wufoo.com High Red Alert Vulnerability

Discussion in 'Black Hat SEO' started by derago21, Jun 13, 2011.

  1. derago21

    derago21 Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 24, 2010
    Messages:
    2,371
    Likes Received:
    1,191
    Gender:
    Male
    Occupation:
    Backlinker
    Location:
    Your Brain
    I dont Know how Many of you Have hosted your Services on Wufoo.com
    I Dont have any intention to harm that Website, which is Providing Forms as a Service Medium to sell their Services and products. Few days before i came across that site, was shocked about the Vulnerability in the System. Which was a newbie kind of Hack :( and Could Put the System in trouble if someone comes to Know about it.

    What's the Vulnerability about?

    A Simple hack that could Make you to get free services/products from them. What if a guy enjoys everything free without spending a Penny. if would be fun, But From the Service provider POV, This Really Sucks..

    A Hacker or a Good programmer Could Easy Find the Vulnerability in that site. Im Posting it here for the good sake of Wufoo.com - So Some programmer from wufoo. Look into this Problem and Fix it ASAP.

    I wont be Spreading the Vulnerability or Teaching Someone About it :)
     
  2. cash202

    cash202 Elite Member Premium Member

    Joined:
    Mar 12, 2011
    Messages:
    1,801
    Likes Received:
    2,818
    Location:
    Sydney, Australia
    Home Page:
    Why wouldn't you contact them directly and explain this mythical Vulnerability so the could fix it ASAP?
     
  3. wufoo

    wufoo Newbie

    Joined:
    Jun 13, 2011
    Messages:
    2
    Likes Received:
    0
    We would be grateful if you could give us any details. You can contact us at support or me directly at ryan.

    Thanks,

    Ryan
     
  4. scopezero

    scopezero Regular Member

    Joined:
    Mar 12, 2011
    Messages:
    336
    Likes Received:
    816
    Location:
    Bharat
    why the hell did he posted it on BHW anyways if he is so concerned abt it .Dude , u better contact the support and tell them abt the situation rather posting it on an open forum where people with such capabilities can utilize it for their use .better put it on some hacking forum , hmmmm ;)

    Remeber if u want to help someone this is not the way

    its awesome that woofu with only one post will like to contact u an ask u for details which could be a hacker himself -so please dont do such dumb thing and get them Fked rather helping them .provide info abt the vanuerability only if he contacted u from a their own domain email or some thing .

    i am not being rude or flaming u , but this could be my website and this can happen to me also .so tell the details only to orignal owner of that site not to anyother person

    regards
    Scope0
     
  5. SuperLinks

    SuperLinks Elite Member

    Joined:
    Jul 14, 2008
    Messages:
    2,903
    Likes Received:
    847
    Location:
    New York
    Wow! Nice response time! Reputation management must be up on the list at Wufoo.

    Congrats to the Wufoo team on the recent sale BTW!
     
  6. derago21

    derago21 Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 24, 2010
    Messages:
    2,371
    Likes Received:
    1,191
    Gender:
    Male
    Occupation:
    Backlinker
    Location:
    Your Brain
    Yeah I knew he was hacker Straight Away... No Issues!
    Just Emailed them, Hope they Fix it :)
     
  7. wufoo

    wufoo Newbie

    Joined:
    Jun 13, 2011
    Messages:
    2
    Likes Received:
    0
    Hey, I just wanted to follow up on this with you. We haven't received an email, but your message below mentioned you sent one. The forums won't let me post URL's, but you can reach us at support followed by our domain or ryan and the domain. Or, click the feedback link from the footer menu of our home page.

    Thanks again - Ryan