Friday, February 20, 2009

Second Life susceptible to SQL injection

The famous 3D World created and powered by its residents had a big vulnerability that allowed the full access to all client accounts, their personal and payment data.

Even if the vulnerability was corrected by now (after being reported around 3 months ago), we are questioning how a company like Lindenlabs with an yearly profit of more than 400 K$ coming from Second Life, is not capable of taking their database security to a higher level.

Source: HackersBlog


No comments:

Post a Comment