by noir_lord 4420 days ago
Nice and eerily familiar.

Codebase I once worked on, I found a /csv route that dropped the entire customer database in CSV format and /route_csv that enumerated all the routes the application had including admin and cron routes :| (denial of service by spamming the cron routes that did no access checking was the least of it).

When I checked the commit date it was 19 months ago... and in production for 17 months :|

The midden and the windmill fully hit each other that day.