GeekInterview.com
  I am new, Sign me up!
 
GeekInterview.com  >  Interview Questions  >  Testing  >  Web Testing
Go To First  |  Previous Question  |  Next Question 
 Web Testing  |  Question 93 of 96    Print  
Severe Bug
What severe bug you raised while testing a web application which you are proud of?


  
Total Answers and Comments: 4 Last Update: November 02, 2009     Asked by: Rajesh kumar914 
  
 Sponsored Links

 
 Best Rated Answer
Submitted by: srinivasulub1981
 
Hi

I've found so many severe bugs in my career, i cant select from the list , any how i will try to tell one bug here..

Bug: In our project employees can do volunteering in their own and personal time, finally  they can apply grant if they volunteered morethan 15 hours, if company accepted then employee can get the grant.

   Here the issue is employees who are not eligible to apply grant are able to apply the grant by doing some un authorised operations.

For ex:


 user1: http://geekinterview.com/applygrant.php?app_id=890 : is eligible for grant
 user2: http://geekinterview.com/applygrant.php?app_id=891 : is not eligible for grant

So 2nd user is able to apply the grant by just changing the app_id from 891 to 890, this will fall under security testing, and from that on words a lot of security testing is introduced to my project.

Srinivas 

Above answer was rated as good by the following members:
marshal khan
March 09, 2009 00:14:36   #1  
srinivasulub1981 Member Since: December 2005   Contribution: 381    
RE: Severe Bug
Hi

I've found so many severe bugs in my career i cant select from the list any how i will try to tell one bug here..

Bug: In our project employees can do volunteering in their own and personal time finally they can apply grant if they volunteered morethan 15 hours if company accepted then employee can get the grant.

Here the issue is employees who are not eligible to apply grant are able to apply the grant by doing some un authorised operations.

For ex:


user1: http://geekinterview.com/applygrant.php?app_id 890 : is eligible for grant
user2: http://geekinterview.com/applygrant.php?app_id 891 : is not eligible for grant

So 2nd user is able to apply the grant by just changing the app_id from 891 to 890 this will fall under security testing and from that on words a lot of security testing is introduced to my project.

Srinivas
 
Is this answer useful? Yes | NoAnswer is useful 1   Answer is not useful 0Overall Rating: +1    
May 15, 2009 00:09:24   #2  
mathan_vel Member Since: December 2007   Contribution: 422    
RE: Severe Bug
I found many sever bugs in my tenure. Let me explain one severe bug that I faced in my career
For one E-Learning Application
I got the "Forgot Password" module to test.
Once completed the temp password
was retrieved.
After login the concern user details navigates to the "Force
Change Password" page which forces the user to change the temporary password.


In that page 3 fields there. Old Password New Password Confirm Password
I supplied the valid temporary password in Old Password and supplied invalid (5 spaces using space button) in both the New & Confirm Password and submitted the page.


Once re-login I entered valid username and invalid password (whatever) navigates to Login page.
This is the one Severe bug
I found in my career.

Best Regards
Mathanvel P
 
Is this answer useful? Yes | NoAnswer is useful 1   Answer is not useful 0Overall Rating: +1    
August 25, 2009 06:10:56   #3  
ashishks Member Since: December 2008   Contribution: 73    
RE: Severe Bug
Hi i also found a huge number of severe bugs while testing applications.

I will tell you one of the severe bugs:
--> I was testing a web application where user was able to upload photos files or videos. There was a screen called upload applet through which user was able to upload contents. I opened upload applet in a new window and upload two large size videos and in meanwhile i opened another upload window.

As soon as i opened new window application got hanged and once i have re-started browser and tried to login with same user i found that user account was now corrupted.
 
Is this answer useful? Yes | No
November 02, 2009 04:40:17   #4  
KaizenHunt Member Since: October 2009   Contribution: 3    
RE: Severe Bug
I would like to share my experience


I was testing an E-commerce admin Panel There was a delete image which was provide to delete a record I copied the URL from browser to delete a record and paste the same to the next browser the URL showed the delete command along with record ID I simply change the ID and run the command.


The Result was the corresponding records were deleted from the Admin...

 
Is this answer useful? Yes | No


 
Go To Top


 Sponsored Links

 
About Us -  Privacy Policy -  Terms and Conditions -  Contact -  Ask Question -  Propose Category -  Site Updates 

Copyright © 2005 - 2009 GeekInterview.com. All Rights Reserved

Page copy protected against web site content infringement by Copyscape