Worst security bug/feature you've seen?

So... you'll need the app to do that

devRant on iOS & Android lets you do all the things like ++ or -- rants, post your own rants and comment on others' rants. You can also set up your profile. Get it now!

Free Swag!

Get a free stress ball if a rant you post gets 750 ++'s

Learn More

*Some restrictions apply, click "Learn More"

Settings

Enable Dark Theme
Logout
Delete Account

Post a Rant
Settings
Log Out
Log In

Verify Your Email

In order to vote, comment or post rants, you need to confirm your email address. You should have received a welcome email with a confirm link when you signed up. If you can't find the email, click the button below.

Resend Email

New Post

Reason for Downvote?

Not for me
Repost
Offensive/Spam
Cancel

Rant

Your rant must be between 6 and 5,000 characters

5000

Attach img/gif

Edit Rant

Your rant must be between 6 and 5,000 characters

5000

Attach img/gif

Comment

Your comment must be between 6 and 500 characters

1000

Attach img/gif

Edit Comment

Your comment must be between 6 and 500 characters

1000

Join devRant

Vote and comment on others' rants. Post your own. Build your custom avatar.

Must be a valid email address

Username already taken

Must be over 6 characters

Keep me logged in

By clicking "Sign Up", you agree to the Terms of Service & Privacy Policy. FYI we never show your email to other members.

Already on devRant?

Profile Details

Tell us a little about yourself

You know the deal

Email address already registered

Email and password do not match

Keep me logged in

Forgot Password? | Signup

Forgot?

It happens to the best of us. If you still need help, email info@devrant.io

No account with that email address

I've seen JavaScript client-side app that was connecting directly to DB using hardcoded (obfuscated, lol) DB password xD

And yes, there was no DB setting that this user is read-only and only from few tables. It was like GRANT * ON *.

undefined

stupid

security

wk25

I've seen JavaScript client-side app that was connecting directly to DB using hardcoded (obfuscated, lol) DB password xD And yes, there was no DB setting that this user is read-only and only from few tables. It was like GRANT * ON *.

undefined

stupid

security

wk25

I've seen JavaScript client-side app that was connecting directly to DB using hardcoded (obfuscated, lol) DB password xD

And yes, there was no DB setting that this user is read-only and only from few tables. It was like GRANT * ON *.