Security Vulnerability Concerns

Discussions revolve around a reported security vulnerability or potential exploit in a web interface or service, with users questioning its details, exploitability, severity, and requesting sources like HackerOne reports.

➡️ Stable 0.9x Security

4,118

Comments

Years Active

Top Authors

#4050

Topic ID

Activity Over Time

2007

2008

2009

2010

112

2011

160

2012

248

2013

375

2014

280

2015

229

2016

266

2017

227

2018

214

2019

228

2020

240

2021

310

2022

223

2023

256

2024

208

2025

376

2026

Top Contributors

tptacek (58) simonw (18) patio11 (17) homakov (15) tyingq (11)

Keywords

PHP IMHO index.htm OK AWS marc.info index.cfm BugReplay ListFind MSN vulnerability security vulnerabilities exploit attack exploited attack vector password v2 xss

Sample Comments

trollied • Dec 9, 2022 • View on HN

Might have been better to report it to the security people. This sort of thing can be exploitable.

FreshCode • Sep 25, 2012 • View on HN

Can anyone on HN confirm this exploit?

nikolayasdf123 • May 8, 2025 • View on HN

sounds like a security breach. how you ensure this does not become link in some next complex CVE?

qppo • May 21, 2020 • View on HN

This is one Show HN post away from an exploit in the wild

pavel_lishin • May 3, 2024 • View on HN

Sorry, what's the exploit here? What harm was done to the author?

cheesecompiler • Jan 10, 2026 • View on HN

Out of curiosity of someone who missed out on this, what is the site vulnerable to?

cerved • Apr 30, 2017 • View on HN

This sounds incredibly insecure, is it exploited much?

albertpedersen • Feb 2, 2023 • View on HN

Link to the report on HackerOne: https://hackerone.com/reports/1785260

mindslight • Feb 19, 2023 • View on HN

From reading the abstract, isn't this just exploiting the same class of security vulnerabilities that the OP is lamenting are being fixed?

kelnos • Jun 25, 2024 • View on HN

No, that's a security vulnerability waiting for someone to exploit.