http://digg.com/security/Bidvertiser_-_The_5_Million_Dollar_Lie I reported this problem more than a year ago...they said they would give me 5 bucks for helping them find that "hole"...never got it. The problem is still there...looks like they never fixed it. The majority of webmasters run some type of stats program... I titled it 5 million dollar lie because, you think anyone will press a lawsuit? Okay, maybe it won't cost them that much...but yeah man...they never fix it after I reported it to them so long ago. The article talks about what I found out about them...but a quick summary is, I found a way to get into anyone publisher/advertiser account page and be able to access any page... I'm reporting it them...anyone would like to verify my findings please do so. I already verifed it with someone. And I resent a ticket about it. Not good at all...
I gave you a digg for the article plus I also commented on it with unfortunately a few gramma errors. I think this is a little beyond a joke and they should fix it ASAP.
thanks, but I feel bad for anyone who could become a target for identity thief. Mainly the publishers...because most of the sensitive information is associated with the publisher account. 1 year, and they never fixed it. More than a year. If anyone is wondering how I got the referral link. It's when you check who is advertising on your site, and you clcik on that link of the advertisers. It's the same for advertisers. You want to check which sites to advertise on, and you click on a a link to their webpage, then it counts as a referal link on any stats program. They don't use cookies...they use sometype of online expire session thingy. So even if you log out you can press back and keep browsing.
It seems that they are probably using some sort of sessions, just they most probably don't know how to use them properly or something.
It's a bit disapointing that it has not received much attention on digg. 7 diggs and 1 comment from me. It's as if people don't care, but then again, they do. It has only had a minor about of diggs because most of the people on digg probably have nothing to do with affiliate marketing and things so they may not understand.
lol, that's okay. doesn't really matter. thanks for the comments though. it's kinda dissapointing though to see it still there after 1 year. They are a good network, but you would think, that it this would have gotten fixed or something.