Closed nathan815 closed 8 years ago
Original comment by Winston Smith (Bitbucket: Winston-Smith, GitHub: Winston-Smith):
Hello Nathan, Sorry I should have clarified this, this was part of a diversion I used for the joke, I used it as a way to get the fake Nathan take contact with me in chat so it looked more natural. Of course having an over the top vulnerability description was something of a bonus ;) Cheers, Joe
Original comment by Nathan Johnson (Bitbucket: nathancjohnson, GitHub: Unknown):
Was this an April fools joke? Or real?
Please email me immediately about this if it is real.
Originally reported by: Winston Smith (Bitbucket: Winston-Smith, GitHub: Winston-Smith)
Hello Nathan,
Winston here. I can get access to TSS's DB using a cumulative bug during a reset ... I can't explain here how to fix it, for obvious reasons. It goes so far I can see everything and edit as well, using a bit of a simple SQL injection -_-
As usual ... see you in chat for the details on how to patch this,
Joe