Finding Security Bugs in Gawker Source Code
With the recent high-profile Gawker compromise, their entire source code and user database are available as a torrent. Some people have taken to cracking the (weak) password hashes, whilst others are looking for bugs in the source.
GBOTD#1 is an XSS found in the first 3 lines of the first file:
According to Mike, he’s already found over 30 bugs after just a few hours of hunting.