S
SPQR
Guest
I think I found something that might be a critical security issue in latest vam1.
I'm 99% sure you can grab a user's vam data (screenshots, paid addons, IP) and send it silently to a 3rd party with a few lines of code in any var.
Where should I send it to? Probably not a good idea to post it here because it's very simple to exploit. If one of the mods can PM me and let me now that would be great!
I'm 99% sure you can grab a user's vam data (screenshots, paid addons, IP) and send it silently to a 3rd party with a few lines of code in any var.
Where should I send it to? Probably not a good idea to post it here because it's very simple to exploit. If one of the mods can PM me and let me now that would be great!