Too bad I don't have a VirWoX account...

i'm reporting this. not stealing anything.
1. It's only 0.05 BTC that comes to me IF you manually remove the link-breaking text
2. I deliberately broke the link with descriptive text

I've reported it to them, they've sat on it; I assumed they read these forums.

So you'd prefer I just wait until they fix it, hoping nobody else discovers it before they do?

The few security "experts" that post on this forum have tons of knowledge, but they lack social skills and common sense.

My two bitcents.

I was beyond dumb, I knew it was something bad and still went in just to see what it was

Still, those lesser than me are idiots too, and no one deserves to be fucked with in this subforum.  Keep it in development and etc.   Forcing it to break in public is not the way to fix things, it drops confidence overall, when cuddlefish obviously knew of this exploit for a while, I guess couldn't fix it but only manipulate it and use it to fuck around with general users (also, I have seen his link in another thread without the remove text, still does not matter).

Look, I can't hate the guy for finding out an exploit, but if his choice was to not make this thread or make it, well he could have did a billion things more productive for this particular situation other than make this thread in the manner that he did.

Virwox response please?

[If VirWox does not respond quickly, I would urge all BTC folks to take business elsewhere.]

He didn't mention that he had contacted them.

@cuddlefish: Could you please clarify if you contacted them prior to the full disclosure, and how long. Thanks!

I contacted them, they said they "fixed it promptly" after being contacted by OP. Can someone confirm that it is fixed or not?

Exposure works every time. Thanks OP.