April 19th, 2020 at 3:35 AM
Personally, it seems that the MyBB Admin Panel has to be pretty high on that list. It's absolutely riddled with XSS vulnerabilities. That being said, it's not a risk because the user has to get access to the ACP first. Once they have access to the ACP, you're already screwed. They can do whatever they want anyway.
I'll put my very first PHP project on the list too. It was a project called Filecave. I didn't do very much input sanitization. I just coded it all out and was like "meh, I'll sanitize later." What a decision that was. I ended up cancelling the project over it.
Then there are all of the government sites that literally store passwords in plain text. No idea who they hired to do these websites, but that's terrible practice. Even random sophomores at my university know better than to try that.
I would have to say older versions of Windows, at the end of the day. Windows XP is notoriously insecure. They never really got it reasonably good security wise. Even Windows 10 is far less secure than Mac OS and Linux. This may, in part, be because it's the most popular OS in the world. It gets targeted far more often, but I truly believe it is genuinely much less secure in general.
What are the most insecure softwares you've ever discovered/run across?
I'll put my very first PHP project on the list too. It was a project called Filecave. I didn't do very much input sanitization. I just coded it all out and was like "meh, I'll sanitize later." What a decision that was. I ended up cancelling the project over it.
Then there are all of the government sites that literally store passwords in plain text. No idea who they hired to do these websites, but that's terrible practice. Even random sophomores at my university know better than to try that.
I would have to say older versions of Windows, at the end of the day. Windows XP is notoriously insecure. They never really got it reasonably good security wise. Even Windows 10 is far less secure than Mac OS and Linux. This may, in part, be because it's the most popular OS in the world. It gets targeted far more often, but I truly believe it is genuinely much less secure in general.
What are the most insecure softwares you've ever discovered/run across?