confused?

Ok well I was looking around this website we'll call it www.NotGivingItAway.com and then I proceeded to goto www.NotGivingItAway.com/admin/ and then it gave me a list of things i could do to the front of the web page(like any other admin pannel). But there was no login required for this page, and i could basically do whatever to the front page. Why is this, was this a huge mistake or the ignorance of the owner of the website owner???

i've seen similar things in the past.

it just comes down to extremely poor coding, and beyond stupidity when it comes to security.

people who code cms's like that shouldnt have jobs!

Yeah i made it very clear to them that they were stupid :evil:

lol a site like that almost doesn't even deserve to be hacked

almost

It is either

1. Sheer laziness
2. Stupidity/Bad Coding
3. Apathy not caring because the site isn't that important to them

You should watch "It takes a theif" on the Discovery Channel. It is basically a show where people allow others (the hosts who are ex-burglars) to break into their houses. The physical security (we're talking the wall between the burglar and your SSN's, money, jewelry, stashed money) is horrible. Some of them leave their doors open, some close them but don't lock their locks and some leave their valuables in easy to find places.