source
Members-
Posts
100 -
Joined
-
Last visited
Never
Everything posted by source
-
on forgotpass.php I think ' or '1'='1 may send the password to the first user, however I can not check... it does not give errors (so I assume it does)
-
http://dreamshowstudios.net/viewpic.php?pic=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
-
1) xss in the soutbox 2) http://dreamshowstudios.net/h2/ 3) messages are vulnerable to xss 4) xss in the edit profile fields.
-
Trying to squeeze out the bugs ... PoliCosmos.com
source replied to policosmos's topic in Beta Test Your Stuff!
http://www.php.net/manual/en/function.mysql-escape-string.php -
destroy the session is the solution http://www.php.net/manual/en/function.session-destroy.php
-
you can register with the same email (THis would cause login problems...) you login with the email.
-
read my 1St post I edited it to include some possible methods. yeah you can just make it if ($something ... $blah blah) { die; }
-
lol @ agentsteal. i was being sarcastic. XD (Oh, and thanks I've never thought of that, nor knew it was possible)
-
@agentsteal nah man, you're finding stuff I miss in my tests... $var=strip_tags($var); $var=mysql_real_escape_string($var); using those two functions should alleviate any problems with xss/sql (Not saying that that's all you need.) oh p.s. @AndyB won't happen again... but it wasn't that bad.
-
http://www.sinisa.milicevici.com/real_estate/admin/admin.php I know you try to be 1337 and re-direct us, but I am 1337'er and use the stop button (or I could have used a program etc..) So what I am saying is the admin area isn't secure. (Oh, and to prove a point I deleted a user.. sorry) To fix this just set a $_SESSION['admin']; or something with they login, and when someone visits the page do a check... for that session == a username, or alterative make it a field in the table "admin" and add yes next to your username.. etc.. also: xss http://www.sinisa.milicevici.com/real_estate/details.php?id=16 p.s. on the front page you have: http://www.sinisa.milicevici.com/real_estate/faq.php a link to that but it does not exist.
-
also lawl... I saved the source of someone elses send message, edited the form action to send it to myn, and send <script>alert("xss");</script> and it really [pointless expletive deleted], I mean you'll see if you fill that in all fields and click send. (no alert that I could get in the 20 seconds I worked on it... :'( ) @source: explain it properly and politely or not at all, please.
-
xss vulnerability when I public a pic, multiple fields.' http://www.arteinsania.net/artwork/000064 XSS vuln on edit profile page oy, dude I can cause errors on my profile page by setting values to "> etc.. and when i saved the source and messed with the maxlength vals I was able to fuck around a lot... "lives in none, united states" sure I could make that xss where the none is if I changed it's type to a form...
-
in the top left corner there is xss vuln (i search for <script>alert("xss");</script>) etc... then it gives mysql errors... I noticed your VBULLETIN also seems to be out of date. There most likely have been security patches/checks/etc... may want to consider upgrading. I go to say http://elitebattles.com/gamelist---1-War.html and do the same search and I get a mysql display "Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/burly/public_html/pages/search.php on line 229" http://elitebattles.com/files.html also same errror with same search... http://elitebattles.com/games.html also coding your own stuff is the way to go in the future..
-
') or ('1'='1 entering that also produces the same error (in the topic id)
-
I found nothing security wise, good job.
-
like we said, half of the links are broke how can we mess with it?
-
agentsteal!!!!! It's source from HTS if you remember me.
-
http://streamline-creations.co.uk/beta/ p.s.: Most of the links don't work so how can we test them? Tho, your login SEEMS secure from SQL injection
-
[SOLVED] A moment of your time to test out my search page.
source replied to rcorlew's topic in Beta Test Your Stuff!
wow: I thought I was done till I registered a site: I registered the account "asshole" password "password" Well I go to messages and there is NO option to send one. 2) I go to edit my page and I click edit and it logges me in as someone else ? WTF 3) Edit page doesn't work? 4) forums I was able to post a topic that was blank. -
xss: http://jobspokhara.com.np/display_joblist.php?category=%3Cscript%3Ealert(1);%3C/script%3E p.s. I never got my email when I registered p.s.s. You're image verification was REALLY HARD TO READ
-
[SOLVED] A moment of your time to test out my search page.
source replied to rcorlew's topic in Beta Test Your Stuff!
from some simple testing I was not actually able to produce XSS, but you had some errors: for example I could get anything to appaer over the forums link (add to it) etc.. might want to fix that -
[SOLVED] Client login tool to check for updates on cases.
source replied to $username's topic in Beta Test Your Stuff!
login is vulnerable to sql injection. -
if ($_GET['page' > 0) { do this } Yes you should set a limit to how long their USername can be..
-
http://layoutsector.com/layouts.php?cat_id=4&page=-1 and I believe I registered with a username that contains javascript Use PHP to check the length of the username so people can't save the source etc... And mysqql. I'll look more in a little
-
http://www.zwmster.com/users/98?id=98 http://www.zwmster.com/users/99?id=99 Also, while I won't provide the link your search is also vulnerable to xss... either or/ you dont filter the name fiel that is optional upon registering