Security flaw reported on Gauteng school applications website

ActivateD

Expert Member
Joined
Jun 7, 2004
Messages
1,303
#3
So no penetration test was done to the website before being pushed to production? I wonder what other OWASP top 10 vulnerabilities exist on the website
 

McGuywer

Executive Member
Joined
Jun 28, 2006
Messages
6,098
#5
This has happened way to many times before....
Same development company?
Didn't Joburg or Pretoria have the same issue?
 

ISP cash cow

Executive Member
Joined
Feb 10, 2011
Messages
5,185
#12
Isn't this the exact same issue that the City of Joburg had with the municipality accounts a couple of years ago, which one of the MYBB members found and tried to warn the government of the issue and then got all hot headed claiming he was hacking?

You would of thought the government had learned its lesson in creating websites with flaws.
 

manMountain

Active Member
Joined
Aug 13, 2018
Messages
77
#16
Is their a database of personal information? If there is there should be security audits. If due process is not followed and there is a leak of personal information the government is opening itself for a massive lawsuit, especially if people are coerced into having to add their information.
 

LCBXX

Honorary Master
Joined
Apr 11, 2006
Messages
10,244
#17
The amount of .gov.za sites that fail basic vulnerability assessments is staggering.
 
Last edited:
Top