Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Coreye

  1. I edited my user agent to ' and when I login I get this error:
  2. When you click "Delete Checked Messages" and you don't have a message selected you get this error:
  3. When you sign up you get this error:
  4. You can edit the POST data and talk as any username you'd like.
  5. The chat room is vulnerable to XSS. When submitting a support ticket you get this error:
  6. You can change the "State" value when editing your profile to one that does not exist.
  7. Cross Site Scripting (XSS): You can submit code in your query and it'll execute.
  8. Cross Site Scripting (XSS): http://pt.7mediaws.org/error/screen_error?code=%3Ch1%3EXSS Cross Site Scripting (XSS): You can submit code in your first and last name and it'll execute.
  9. Have you switched hosts recently? Try the below code on your server: <?php if(mail("someone@example.com", "Subject: $subject", $message, "From: $email")) { echo "Email Sent."; } else { echo "Email NOT Sent."; } ?>
  10. Has anyone tested this recently? A few weeks ago I was on a different computer and I tried to reset my password but did not receive the email. I tried it a few minutes ago too and I did not receive it.
  11. Full Path Disclosure and Possible Database Field Leaks: http://staging.gamebu.co.uk/user/test/ I clicked the link given in the activation email and received this error: I tested this with two different email accounts and received the same message.
  12. Full Path Disclosure: https://rspsdb.org/?page=
  13. Full Path Disclosure (https://www.owasp.org/index.php/Full_Path_Disclosure): http://forum.inobb.net/viewforum.php?forum[] Error when editing a thread: BBCode breaks when you copy and paste. BBCode does not work. You can post blank posts by using HTML tags. Settings page over lapping: You can post blank topics by pressing by using the space bar.
  14. You can't edit/delete pages with special characters. I'd save the pages as IDs instead of names. EX: http://generalprogramming.org/control.php?edit=1
  15. If you start uploading a file and you leave the page before it's finished it'll say the file uploaded under "Your Uploads" but the file doesn't exist when you try to view it.
  16. I fixed this by deleting some of my messages. There's currently a limit of 50 messages and I had 133.
  17. http://forums.phpfreaks.com/index.php?app=members&module=messaging&section=send&do=form says: I've cleared my cache and that's the only page I've seen it on.
  18. I noticed with the new forum we can manually change our display name (http://forums.phpfre...rea=displayname) and the name I want (Corey - http://forums.phpfre...ser/8521-corey/) is taken but has not been active for a long time. He has 10 posts but they're not visible. I know I'm not in an "named member group", but with the new forum and the ability to change usernames ourselves I figured I'd ask.
  19. The "Last post" on the forum is incorrect. The poster is correct, but the newest post doesn't have that subject.
  20. The message system is vulnerable to XSS attacks.
  21. Looks like someone found a vulnerability with the "amenities page".
  22. Admins/mods check these threads before they go live. I'm sure they reviewed the links. You can also use http://www.WhereGoes.com/ to see where they go. The links are fine and redirect to his website. Tested it a little and found no bugs.
  23. Full Path Disclosure: http://www.osremake.org/config.php
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.