View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004063 | mantisbt | security | public | 2004-07-10 12:02 | 2006-10-09 11:54 |
Reporter | joxeanpiti | Assigned To | masc | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 0.19.0a1 | ||||
Fixed in Version | 0.19.0rc1 | ||||
Summary | 0004063: Possible E-Mail Bomber | ||||
Description | We can create a simple program to send too many e-mails to any the same e-mail address by simply changing the username. For example : 1.-Navigate to http://bugs.mantisbt.org/signup_page.php 1.-Navigate to http://bugs.mantisbt.org/signup_page.php ... | ||||
Additional Information | You need a filter. You don't need to send more than 3 e-mails to any person. | ||||
Tags | No tags attached. | ||||
I create a simple program in PHP to test it. ¡I send me 15 e-mails in a second! Please, correct it. When you correct the bug I will publish the sample program. edited on: 07-10-04 12:20 |
|
We should use a tool to verify that the form is being filled by a human. A script like the following can be used to achieve that: |
|
Victor, |
|
Marcello, please go ahead. |
|
fixed with the change in 0000633. |
|