xsvcash

thank you for finding those! but i have been reading more on xss and i dont see how someone could mess up a website with it ??? i know that you can use XSS to get a cookies, but people can only get their own cookies, so how would that be a threat? another thing, you guys were saying "Full Path Disclosure", is that a big security thing? also, what does "Directory Transversal", "URL Inclusion", "User Enumeration" and "Array" mean? and how could they be a threat? im sorry for sounding so stupid, but me and 3 other people coded this, so it never was really organized, but when the site started messing up i instantly though of security! thankss for the replies and please continue to help me out,, thank you so much

I run a pay-to-signup type of site ( at http://xsvcash.com/ ) recently it seems that someone has been messing around with my files and i dont know what it is! i started reading about XSS (crosssite-scripting) but i dont have any idea on how to secure my scripts... i dont even know if XSS is the problem please help i need to find and fix these holes fast!