

Zamfoo Critical Security Vulnerabilities - Avalaxy
http://www.webhostingtalk.com/showthread.php?t=1275572

======
thirsteh
"not only that. there is an emergency kill switch. if you release the patch i
will pull the switch and no one can use the software. your exploit will not
work if i do that. the plugin will become useless until i turn it back on.

kevin"

I am really scared by some kinds of people who develop forum and e-commerce
software.

~~~
andrewflnr
He said he actually did it, too, later in the thread. He also claimed to have
fixed it, then Patrick came back and said he re-broke it in five minutes. The
whole thing is hilarious, if you can discount all the customers getting hosed.

------
bifrost
Its amazing in this day and age that people don't get how bad these things are
to leave open.

------
danso
So how many customers did Zamfoo have? It looks like it's being managed by one
person, who apparently doesn't have a great software dev environment...which
means maintaining and improving the codebase on his own must have been a
Herculean feat. Have to give him props for making it this far...

~~~
andrewflnr
No you don't. Any idiot can slog through mud. Why didn't he fix his dev
environment?

