What is the worst security hole you’ve ever seen? It is probably a good idea to keep details limited to protect the guilty.
For what it’s worth, here’s a question about what to do if you find a security hole, and another with some useful answers if a company doesn’t (seem to) respond.
163 Answers 163
From early days of online stores:
Getting a 90% discount by entering .1 in the quantity field of the shopping cart. The software properly calculated the total cost as .1 * cost, and the human packing the order simply glossed over the odd “.” in front of the quantity to pack 🙂
