Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

no-ip.com interesting way to handle newsletter options
From: Santiago Vila <sanvila () unex es>
Date: Mon, 21 Jan 2013 13:34:56 +0100 (CET)

Hello.

The newsletter no-ip.com sends to his customers has an unsubscribe
link like this:

http://www.no-ip.com/unsubscribe.php?email=user () example com

which means everybody can change your subscription options, just by
knowing the email address you used to register.

Let's see if this email helps them to disable the non privacy-aware
PHP script more quickly.

Thanks.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • no-ip.com interesting way to handle newsletter options Santiago Vila (Jan 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]