how to poison phishing sites with fake data
Surely old HTTP-only sites can't be vulnerable if not updated for 5 years, right?