Coreye
-
Posts
537 -
Joined
-
Last visited
Posts posted by Coreye
-
-
When you click "Delete Checked Messages" and you don't have a message selected you get this error:
Warning: Invalid argument supplied for foreach() in /home4/ikevz/public_html/sn/action_message.php on line 91
-
When you sign up you get this error:
Not FoundThe requested URL /signup/ was not found on this server.
-
You can edit the POST data and talk as any username you'd like.
-
The chat room is vulnerable to XSS.
When submitting a support ticket you get this error:
Warning: Cannot modify header information - headers already sent by (output started at /home/wwwroot/www.openex.pw/index.php:228) in /home/wwwroot/www.openex.pw/pages/newticket.php on line 23 -
You can change the "State" value when editing your profile to one that does not exist.
-
-
Cross Site Scripting (XSS):
http://pt.7mediaws.org/error/screen_error?code=%3Ch1%3EXSS
Cross Site Scripting (XSS):
You can submit code in your first and last name and it'll execute. -
Yes.
-
Run it separately.
-
Have you switched hosts recently? Try the below code on your server:
<?php if(mail("someone@example.com", "Subject: $subject", $message, "From: $email")) { echo "Email Sent."; } else { echo "Email NOT Sent."; } ?>
-
Has anyone tested this recently? A few weeks ago I was on a different computer and I tried to reset my password but did not receive the email. I tried it a few minutes ago too and I did not receive it.
-
Full Path Disclosure and Possible Database Field Leaks:
http://staging.gamebu.co.uk/user/test/
in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Template.php line 365
at Twig_Template->getAttribute(array('gender' => 'Unspecified'), 'username') in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Environment.php(320) : eval()'d code line 71
array(), 'users' => '0', 'guests' => '1', 'bots' => '0', 'newest_users' => array('data' => array(array('id' => '6', 'username' => 'Scott', 'location' => null, 'dob' => null, 'gender' => null), array(*DEEP NESTED ARRAY*)), 'pagination' => array('numbers' => array(*DEEP NESTED ARRAY*), 'total' => '1', 'pages' => '1')), 'app' => object(Application), 'currentPath' => '/user/test/'), array('javascript' => array(object(__TwigTemplate_7aa7a13f2a9aafd00efaae7720e1b51f), 'block_javascript'))) in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Template.php line 133
I clicked the link given in the activation email and received this error:
I tested this with two different email accounts and received the same message.Sorry, we could not find an account associated with that activation code.
-
Warning: include(inc/pages/404.php) [function.include]: failed to open stream: No such file or directory in /home/hikdkxrq/public_html/inc/oop.php on line 10
Warning: include(inc/pages/404.php) [function.include]: failed to open stream: No such file or directory in /home/hikdkxrq/public_html/inc/oop.php on line 10Warning: include() [function.include]: Failed opening 'inc/pages/404.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php:/home/hikdkxrq/public_html/forum/ips_kernel/') in /home/hikdkxrq/public_html/inc/oop.php on line 10Warning: include() [function.include]: Filename cannot be empty in /home/hikdkxrq/public_html/index.php on line 7Warning: include() [function.include]: Filename cannot be empty in /home/hikdkxrq/public_html/index.php on line 7Warning: include() [function.include]: Failed opening '' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php:/home/hikdkxrq/public_html/forum/ips_kernel/') in /home/hikdkxrq/public_html/index.php on line 7 -
Full Path Disclosure (https://www.owasp.org/index.php/Full_Path_Disclosure):
http://forum.inobb.net/viewforum.php?forum[]Warning: mysqli_real_escape_string() expects parameter 2 to be string, array given in /home/content/44/10959644/html/forums/viewforum.php on line 32
Error when editing a thread:
Warning: mysqli_stmt::bind_result() [mysqli-stmt.bind-result]: Number of bind variables doesn't match number of fields in prepared statement in /home/content/44/10959644/html/forums/postreply.php on line 158
BBCode breaks when you copy and paste.
BBCode does not work.
You can post blank posts by using HTML tags.
Settings page over lapping:
You can post blank topics by pressing by using the space bar.
-
You can't edit/delete pages with special characters. I'd save the pages as IDs instead of names. EX: http://generalprogramming.org/control.php?edit=1
-
If you start uploading a file and you leave the page before it's finished it'll say the file uploaded under "Your Uploads" but the file doesn't exist when you try to view it.
-
http://forums.phpfre...on=send&do=form says:
Scheduled Downtime
We're currently undergoing scheduled maintenance to improve the site. In this case, we're converting our forums to more stable and feature-rich software. Thus, the downtime might take longer than normal. We apologize for any inconviences that this may cause.
Need help or feeling like just chatting? Our IRC Channels are still up and running, so stop being shy and come say hello!
I've cleared my cache and that's the only page I've seen it on.
I fixed this by deleting some of my messages. There's currently a limit of 50 messages and I had 133.
-
http://forums.phpfreaks.com/index.php?app=members&module=messaging§ion=send&do=form says:
Scheduled Downtime
We're currently undergoing scheduled maintenance to improve the site. In this case, we're converting our forums to more stable and feature-rich software. Thus, the downtime might take longer than normal. We apologize for any inconviences that this may cause.
Need help or feeling like just chatting? Our IRC Channels are still up and running, so stop being shy and come say hello!
I've cleared my cache and that's the only page I've seen it on.
-
I noticed with the new forum we can manually change our display name (http://forums.phpfre...rea=displayname) and the name I want (Corey - http://forums.phpfre...ser/8521-corey/) is taken but has not been active for a long time. He has 10 posts but they're not visible.
I know I'm not in an "named member group", but with the new forum and the ability to change usernames ourselves I figured I'd ask.
-
The "Last post" on the forum is incorrect.
The poster is correct, but the newest post doesn't have that subject.
-
The message system is vulnerable to XSS attacks.
-
Looks like someone found a vulnerability with the "amenities page".
-
Admins/mods check these threads before they go live. I'm sure they reviewed the links. You can also use http://www.WhereGoes.com/ to see where they go. The links are fine and redirect to his website.
Tested it a little and found no bugs.
-
Full Path Disclosure:
http://www.osremake.org/config.php
Fatal error: Call to undefined function isLoggedIn() in /homepages/31/d396088066/htdocs/config.php on line 36
Test my Game - Salvage Nation
in Beta Test Your Stuff!
Posted
I edited my user agent to ' and when I login I get this error: