blackcell Posted July 15, 2008 Author Share Posted July 15, 2008 Ok, session is re-generating at login. Can you check it for me? Link to comment https://forums.phpfreaks.com/topic/109439-ticket-system-to-do-management/page/3/#findComment-590959 Share on other sites More sharing options...
darkfreaks Posted July 15, 2008 Share Posted July 15, 2008 sure let me start the scan Link to comment https://forums.phpfreaks.com/topic/109439-ticket-system-to-do-management/page/3/#findComment-590984 Share on other sites More sharing options...
darkfreaks Posted July 15, 2008 Share Posted July 15, 2008 Blackcell: your XSS is not fixed!!!!! Affected Files: ticket.php user_track.php /admin/index.php Solution: filter your variables strip_tags() should fix this Link to comment https://forums.phpfreaks.com/topic/109439-ticket-system-to-do-management/page/3/#findComment-591001 Share on other sites More sharing options...
darkfreaks Posted July 15, 2008 Share Posted July 15, 2008 also you will not be safe from PHPSESSID exploit until you go into your server files into php.ini and fix that file from 0 to 1. read the exploit i posted about PHPSESSID Link to comment https://forums.phpfreaks.com/topic/109439-ticket-system-to-do-management/page/3/#findComment-591054 Share on other sites More sharing options...
Recommended Posts