srinivasulub1981

 Profile Answers by srinivasulub1981 Questions by srinivasulub1981

• Mar 9th, 2009

 

Hi

I've found so many severe bugs in my career, i cant select from the list , any how i will try to tell one bug here..

Bug: In our project employees can do volunteering in their own and personal time, finally they can apply grant if they volunteered morethan 15 hours, if company accepted then employee can get the grant.

Here the issue is employees who are not eligible to apply grant are able to apply the grant by doing some un authorised operations.

For ex:


user1: is eligible for grant
user2: is not eligible for grant

So 2nd user is able to apply the grant by just changing the app_id from 891 to 890, this will fall under security testing, and from that on words a lot of security testing is introduced to my project.

Srinivas

mathan_vel

 Profile Answers by mathan_vel Questions by mathan_vel

• May 15th, 2009

 

I found many sever bugs in my tenure. Let me explain one severe bug that I faced in my career
For one E-Learning Application,
I got the "Forgot Password" module to test.
Once completed the temp password
was retrieved.
After login, the concern user details navigates to the "Force
Change Password" page, which forces the user to change the temporary password.

In that page 3 fields there. Old Password, New Password, Confirm Password
I supplied the valid temporary password in Old Password and supplied invalid (5 spaces using space button) in both the New & Confirm Password and submitted the page.

Once re-login, I entered valid username and invalid password (whatever) navigates to Login page.
This is the one Severe bug
I found in my career.

Best Regards
Mathanvel P

ashishks

 Profile Answers by ashishks 

• Aug 25th, 2009

 

Hi, i also found a huge number of severe bugs while testing applications.

I will tell you one of the severe bugs:
--> I was testing a web application, where user was able to upload photos, files or videos. There was a screen, called upload applet, through which user was able to upload contents. I opened upload applet in a new window and upload two large size videos and in meanwhile i opened another upload window.

As soon as i opened new window, application got hanged and once i have re-started browser and tried to login with same user, i found that user account was now corrupted.

KaizenHunt

 Profile Answers by KaizenHunt 

• Nov 2nd, 2009

 

I would like to share my experience,


I was testing an E-commerce admin Panel, There was a delete image which was provide to delete a record, I copied the URL from browser to delete a record and paste the same to the next browser, the URL showed  the delete command along with record ID, I simply change the ID and run the command.


The Result was the corresponding records were deleted from the Admin...

kurtz182

 Profile Answers by kurtz182 Questions by kurtz182

• Nov 30th, 2009

 

I was testing a grant management application and discovered an issue in a work-flow that was not covered in the business requirements.  It turns out that an organization could be granted funds they request without proper investigation, analysis and approval.  This was a defect in business logic and it only happened under very specific conditions.  I am particularly proud of this one because grants could have been awarded to unworthy causes and because I had the imagination and foresight to test real-world circumstances that were not considered in the business requirements.