Board: Project Development
Topic: Re: 1Broker.com - Vulnerability & bug bounty
Post by Dron007 on 10/04/2013, 23:20:55 UTC
There is a Master Key at the registration form. Looking at the JavaScript code, I can see that validation will fail if the key is exactly equal to 10000 or to 99999. But these values can be generated by the random generator. So the code should be changed to the following:

// Inclusive bounds, so 10000 and 99999 are accepted
if (!(document.getElementById("masterkey").value >= 10000 && document.getElementById("masterkey").value <= 99999)) {
    document.getElementById("error").innerHTML += "- Please generate a Master Key!<br>";
    ok = false;
}


instead of

if (!(document.getElementById("masterkey").value > 10000 && document.getElementById("masterkey").value < 99999))
...
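The boundary behaviour described in the post can be checked exhaustively. The following is an added example, not code from the post or from the site: it assumes the generator yields integers from 10000 to 99999 inclusive, and `strictCheck` and the odd input strings are constructed here to show how the numeric comparison coerces the field's string value.

```javascript
// Added example. Range assumed from the post: generated keys are 10000..99999 inclusive.
const MIN_KEY = 10000;
const MAX_KEY = 99999;

// Comparison quoted in the post as the existing check (exclusive bounds).
function originalCheck(value) {
  return value > MIN_KEY && value < MAX_KEY;
}

// Comparison proposed in the post (inclusive bounds).
function proposedCheck(value) {
  return value >= MIN_KEY && value <= MAX_KEY;
}

// Hypothetical stricter variant (not from the post): exactly five digits,
// first digit non-zero, with no numeric coercion of the string.
function strictCheck(value) {
  return /^[1-9][0-9]{4}$/.test(String(value));
}

// Run every key the generator could produce through a check, passing it as
// the string that an <input> element's .value would hold.
function rejectedKeys(check) {
  const rejected = [];
  for (let key = MIN_KEY; key <= MAX_KEY; key++) {
    if (!check(String(key))) rejected.push(key);
  }
  return rejected;
}

// Constructed inputs that are not five-digit keys but coerce to numbers.
const ODD_INPUTS = ["1e4", " 12345 ", "12345.5", "0x2710"];

function acceptedOddInputs(check) {
  return ODD_INPUTS.filter((input) => check(input));
}

console.log("original rejects:", rejectedKeys(originalCheck));
console.log("proposed rejects:", rejectedKeys(proposedCheck));
console.log("strict rejects:", rejectedKeys(strictCheck));
console.log("odd inputs accepted by proposed:", acceptedOddInputs(proposedCheck));
console.log("odd inputs accepted by strict:", acceptedOddInputs(strictCheck));
```

A client-side check of this kind only guards the form; the same range check has to be repeated wherever the submitted value is processed.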