FIDDY CCBILL VULNERABILITIES!!!
I can't believe I beat Woj to the punch. WooHoo! Ahem. |
still waiting for a ccbill fix.
|
They are too busy counting their monies.
|
CCBILL has had this problem for years... Why change anything now?
|
Quote:
PHP Code:
|
Nice script
|
Get an alternate merchant account already. Quit paying 15% or more. See Sig Below. Free to Apply.
|
Quote:
hope its fixed soon |
I got the answer:thumbsup
|
still no reply?
|
Quote:
;) Sally. |
still no reply?
|
At one point in time I was aware of how to create logins and passwords on any CCBill site, I believe it worked like a charm. Was years ago though.
|
Why use CCBill when you can use NetPay International, a leader in providing on-line, real-time payment processing solutions in a solid, secure and reliable manner.
Not only secure, but it has advanced technology and new payment solutions for European customers. Contact me for info. May |
Again, the only ones who are losing money are affiliates. CCBill gets its cut, sponsor too. Also problems with CCBill sales started around those dates mentioned in the report...
|
has this been fixed yet?
|
Come on guys. Give them some time to fix it.
In 2005 I complained to CCBill that their website was a pain in the ass and not user-friendly to use. Now 5 years later look how much (or nothing) has changed. The website still looks like Web 1.0. However, the CCBill private jet sure does look fine. Epoch is also weak code. Just try to sign up as an affiliate and notice the bugs in the sign-up form. The programmer didn't know how (or was too lazy) to dynamically fill in the SELECT boxes or the RADIO buttons. They lose their values when the form is recreated during the field validation process. With such newbie errors present one can only fear that the same programmer has been too lazy to sanitize inputs in other places in the code, thus allowing for SQL injections. |
The website looks bogus. If it was possible to write to CCBill's server, the easiest way to alert CCBill about the problem would be to deface their website.
|
Quote:
For a few thousand dollars they could re-design the whole site and have a new fresh look that would pay for itself in a matter of days! |
Of course it isn't fixed. This is CCBill we're talking about.
As I said up top, they're too busy counting their monies to worry about real issues. |
ccbill still getting hacked eh
|
CCBill, why get this topic locked?
https://gfy.com/showthread.php?t=992256 |
PHP for the WIN.....
....for hackers of course. LOL! :1orglaugh |
Quote:
This report was a complete joke. This was just a variation of a Nigerian scam.
We contacted the website and they responded via GMAIL if we would "Western Union" them 10k they would tell us what was wrong. LOL
They create a fake security page and post stuff and hope companies will pay the blackmail money VIA WESTERN UNION (LOL)
But hey if it is on the Internet it MUST BE TRUE.
End of Story.
Ron C
_________
CEO
CCbill.com
Cavecreek.com |
Quote:
I see where your team spoke about this months ago: http://seclists.org/fulldisclosure/2010/Aug/193
|
Quote:
There seems to be plenty of that going around these days. If I am not mistaken one of the scammers was of Nigerian origin. Another seems to be of American origin. I wonder if you would mind posting the contact info or the Gmail email account so that some of us may give the Nigerian scammers a piece of our mind as well. You say they created a "fake" security page and tried to extort 10k from you guys for a fix? Man, that is pretty crass. It is also very reassuring to know that all of my data as a client is secure and that you guys take data integrity so seriously. After all, what is really being sold here is confidence, and a processing company's success is only as good as its clients' confidence in it of said "data integrity". Please post the contact info for the scammers, would love to communicate with them. Also thanks for the "hey if its on the internet its true" comment, I am still chuckling uncontrollably from that one :) |
Quote:
I am writing today to let you know how awesome you are. Your music is great and it always picks me up when I am down. My cousin is a singer but she is not as good as you. Remember that one time they asked you in an interview if you were a virgin and you said you were but it turns out you weren't? Well, that was pretty rude of them. Please give me the email address of that interviewer. I'd love to give them a piece of my mind. Hey Britney, would you mind mailing me back with your concert dates? I'd love to see one of your shows. Anyway, I feel some sort of closeness with you after writing this. I hope that you'll send me an autographed picture. Fondly, Your #1 Fan |
Quote:
I worked for an e-commerce company that went through PCI compliance for all its servers and it is extremely thorough, and as I understand it anything that stores CC data has to be PCI compliant. |
Reading this thread had me shaking my head.
Why would you give credence to a company issuing an advisory when they have an about us page like this? Doing a WHOIS on the domain reveals Polish contact details with a hotmail email address. Very professional. Look at the credibility of the web site - it was registered in 2009 and is obviously, I mean so scammer obviously, bogus. |