Quote:
Originally Posted by CHMOD
If you have a custom username/password management script, there may be a security leak.
|
What he said.
First thing I would check is if the users appear also in the CCBill DB (although never paying), or if they are only in your site db (or htpassword file if you are doing it that way)
If the latter, that could be an indication of a security leak on your side of things, not even necessarily related to the CCBill script.