MysteryVibe DVE Reports

Website: https://www.mysteryvibe.com/
Vulnerability disclosure address: [ bug-report@mysteryvibe.com](mailto: bug-report@mysteryvibe.com)
Status: Supporter, working on partnership

Date Posted:4/2/2017
Type of Vulnerability: Unauthenticated website administrative function
Products affected: https://mysteryvibe.com/
Found and reported by: RenderMan
Date Reported: 3/30/2017
Description: The “Testimonials” control panel on the mysteryvibe.com website is exposed publicly and unauthenticated. Anyone who finds it can add, delete, or edit the testimonials featured on the website and cause reputation damage
Remediation: The Testimonials control panel has been moved to a protected part of the site and is no longer exposed