Hacking and exploiting - How do you deal with any security holes you find?

Question

Today online security is a very important factor. Many businesses are completely based online, and there is tons of sensitive data available to check out only by using your web

Answer 1

We informed the main developer about a sql injection vulnerability on their login page. Seriously, it's the classic '-- variety. You can't bypass the login, but you can easily execute arbitrary sql. Still hasn't been fixed in 2 months! Not sure what to do now...no one else at my office really cares, which amazes me since we pay so much for every little upgrade and new feature. It also scares me when I think about the code quality and how much stock we are putting in this software.