Buy the Whitehouse, get an SQL injection attack

The Internet casino and poker house GoldenPalace.com has bought the only known deed to the White House, as reported by The Inquirer.

Except that the link The Inquirer uses to reach the story at casinocitytimes.com reveals rather more than it should. The URL on the Inquirer's page was mistyped: they tried to make two links and ended up with a single broken one, so the trailing text of the second link is sent to casinocitytimes.com as part of the contentID parameter.

When I clicked on the link: http://www.casinocitytimes.com/news/article.cfm?contentID=153470%5D %20and%20here%20[http://realtytimes.com/rtcpages/20050831_titleinsurance.htm I received an error page that was obviously the result of an unchecked contentID being passed straight from the URL into the SQL.



This is a classic case of user-supplied data being trusted without validation: the contentID query parameter is dropped straight into an SQL statement, which is an SQL injection vulnerability. A stray "]" only produces a database error, but anyone who replaces it with valid SQL controls the rest of the query, and that leads to a compromise in security and some very red faces when the wrong people get hold of it.
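To make that concrete, here is an added example of my own, not code from casinocitytimes.com (whose ColdFusion source is not visible): a Python/SQLite sketch of the same article lookup with the contentID concatenated into the query, fed first the decoded value from the broken Inquirer link and then a deliberate injection payload, beside a version that validates and binds the parameter. The table, rows and article titles are constructed for the example.

```python
import sqlite3

# Constructed sample data: one public article carrying the contentID from the
# broken link, and one row a visitor should never be able to see.
ARTICLES = [
    (153470, "Golden Palace buys the only known White House deed", "public"),
    (153471, "Unpublished draft", "draft"),
]

# Roughly the contentID value the browser sends after decoding the mistyped
# Inquirer URL: %5D is "]" and %20 is a space.
BROKEN_LINK_ID = "153470] and here [http://realtytimes.com/rtcpages/20050831_titleinsurance.htm"

# A deliberate payload: no syntax error this time, but the comment marker
# swallows the rest of the WHERE clause, so the status filter never applies.
INJECTION_ID = "153470 OR 1=1 --"


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (contentID INTEGER, title TEXT, status TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?, ?)", ARTICLES)
    conn.commit()
    return conn


def lookup_vulnerable(conn, content_id):
    """The pattern the post describes: the URL parameter is pasted into the SQL text."""
    sql = ("SELECT contentID, title FROM articles "
           "WHERE contentID = " + content_id + " AND status = 'public'")
    return conn.execute(sql).fetchall()


def lookup_hardened(conn, content_id):
    """Check the type first, then bind the value so it can only ever be data, never SQL."""
    if not content_id.isdigit():
        raise ValueError("contentID must be a positive integer")
    sql = ("SELECT contentID, title FROM articles "
           "WHERE contentID = ? AND status = 'public'")
    return conn.execute(sql, (int(content_id),)).fetchall()


def probe(conn, lookup, content_id):
    """Run a lookup and report ('rows', rows) or ('error', message) instead of raising."""
    try:
        return ("rows", lookup(conn, content_id))
    except (sqlite3.OperationalError, ValueError) as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    db = make_db()
    for value in ("153470", BROKEN_LINK_ID, INJECTION_ID):
        print("vulnerable", repr(value), "->", probe(db, lookup_vulnerable, value))
        print("hardened  ", repr(value), "->", probe(db, lookup_hardened, value))
```

Run as a script, the vulnerable lookup returns the public article for "153470", fails with a database syntax error for the broken link's value (the error page the post describes) and returns both rows, draft included, for the injection payload; the hardened lookup returns the article for "153470" and rejects the other two before they ever reach the database. In ColdFusion the equivalent of the bound parameter is `<cfqueryparam value="#url.contentID#" cfsqltype="cf_sql_integer">` inside the `<cfquery>`, which both enforces the integer type and keeps the value out of the SQL text.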

I hope they fix it soon.

1 Comment

Even worse, they have ColdFusion configured to show anyone tracebacks by the looks of it.


About this Entry

This page contains a single entry by Paul Gregg published on September 18, 2005 9:13 PM.
