Before you begin reading the writeup, I had contacted the company who’s server contains the vulnerability and disclosed all the information I had about what I did.  Their response was that they didn’t consider it a risk, and weren’t going to be modifying the server security.  So I am taking that as a “closed” issue on their end, and I’ll at least write it up. While trying to determine how secure the...

Read More