Found a business logic flaw in a major online “pay-for-content” site (not p0rn), though I can verify that it has problems in their parent family of sites, I wonder how many other sites have this problem…probably most of them…
Waiting for a response from the vulnerable company before I post details