imeem – Major Security Glitch Exposes Private / Personal Information and Allows Account Hijacking

Reading Time: < 1 minute

On August 25th, 2008 – a major security glitch appeared on imeem.com, a Social Media Network which allows it’s users to post Music, Video, and Photos.

imeem social network

The issue involves users who log in and validated through the log in process only to find themselves in someone else’s account. The users log in using their own account’s information — however, they are actually logged into someone (appears to be random) else’s account. They can modify this account just like if they were actually logged into this person’s account using that person’s login credentials. This exposes the user’s private / personal information and allows account hijacking to be done. Once logged into the other user’s account you can send messages, add friends, upload media, and CHANGE private information including the other user’s password.

To see what imeem is doing about this, check out the thread in their feedback forum: Wrong username, Heeelp @.@