Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Date: Fri Nov 30 2007 - 06:35:00 CST
Cheers guys :)
I'll check and fix this issue asap, although i'd like to point out a couple things:
* The tool itself isn't meant to be accessible from the internet when used in a production environment. It's been developed as an inventory management tool and POS system and as such it should be normally used in an intranet if not a local system completely disconnected from a network.
Such a scenario would greatly reduce the chance of an external attack.
* The tool is a beta and honestly not being developed anymore as there's little to no interest on it :)
I decided to publish it on my site for free 'as is'
* It would be actually cool if someone bothered to inform me of such security hole ;).
I discovered it just by chance because i noticed that a few sites like this one were backlinking to my site...
I am not developing the tool anymore and despite the fact there's still people who registers on my forum and downloads it i have no feedbacks or requests that might make me want to put my hands on it to develop it further.
I'll just check this issue, as i find it challenging, and fix it but sure won't go any deeper than that :)
thanks for the info, even if i had to discover it myself. It will sure be a good exercise for me ;)