skatermike21988 Posted June 23, 2008 Share Posted June 23, 2008 Hello, I have just finished making a customized whmcs template and would like to make sure everything works like it should. Here is the link: http://www.insta-hosting.com/custom/whmcs/ If you would like to log in and view the members area here are demo details: USER: demo PASS: demo Here is how things should look: 1.) Login box, navigation, and bread crumb should showup in the header. 2.)When logged in, if javascript is enabled, when clicking show links, client links should drop down. Those are the main things I am looking to make sure are right. If you find any problems please post, when posting could you possibly include what browser you where using when the problem occured. Thanks everyone. Link to comment Share on other sites More sharing options...
waynewex Posted June 23, 2008 Share Posted June 23, 2008 On the register page, your errors should really be layed out one after another. Otherwise they look kind of messy. Maybe use a <UL> or something. Other than that, looking good and working well. As far as I can see. Link to comment Share on other sites More sharing options...
helraizer Posted June 23, 2008 Share Posted June 23, 2008 http://www.insta-hosting.com/custom/whmcs/clientarea.php/%22%3E - ruins the layout. Link to comment Share on other sites More sharing options...
skatermike21988 Posted June 24, 2008 Author Share Posted June 24, 2008 http://www.insta-hosting.com/custom/whmcs/clientarea.php/%22%3E - ruins the layout. If you don't mind me asking, but was there anything you clicked on to bring you to this link? Link to comment Share on other sites More sharing options...
ShimmyShine Posted June 29, 2008 Share Posted June 29, 2008 My screen is 1024.. i have to scroll to view your whole page. Shimmy Link to comment Share on other sites More sharing options...
darkfreaks Posted July 9, 2008 Share Posted July 9, 2008 Vulnerability description This alert was generated using only banner information. It may be a false positive. A stack-based buffer overflow has been reported in the Apache mod_ssl module. This issue would most likely result in a denial of service if triggered, but could theoretically allow for execution of arbitrary code. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, though this may not be the case with other architectures. Affected mod_ssl versions (up to 2.8.17). This vulnerability affects mod_ssl. The impact of this vulnerability Denial of service and/or possible arbitrary code execution. Attack details Current version is mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.7 How to fix this vulnerability Upgrade mod_ssl to the latest version. Vulnerability description This alert was generated using only banner information. It may be a false positive. A format string vulnerability has been found in mod_ssl versions older than 2.8.19. Successful exploitation of this issue will most likely allow an attacker to execute arbitrary code on the affected computer. Affected mod_ssl versions (up to 2.8.18). This vulnerability affects mod_ssl. The impact of this vulnerability Denial of service and/or possible arbitrary code execution. Attack details Current version is mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.7 How to fix this vulnerability Upgrade mod_ssl to the latest version. Link to comment Share on other sites More sharing options...
darkfreaks Posted July 9, 2008 Share Posted July 9, 2008 Vulnerability description HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method. This vulnerability affects Web Server. The impact of this vulnerability Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data. Attack details No details are available. View HTTP headers Request TRACE /TRACE_test HTTP/1.0 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) Host: www.insta-hosting.com Connection: Close Pragma: no-cache Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION) Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htmResponse HTTP/1.1 200 OK Date: Wed, 09 Jul 2008 15:46:59 GMT Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Connection: close Content-Type: message/http View HTML response Launch the attack with HTTP Editor How to fix this vulnerability Disable TRACE Method on the web server. Possible sensitive directories Vulnerability description A possible sensitive directory has been found. This directory is not directly linked from the website.This check looks for known sensitive directories like: backup directories, database dumps, administration pages, temporary directories. Each of those directories may help an attacker to learn more about his target. This vulnerability affects /client. The impact of this vulnerability This directory may expose sensitive information that may help an malicious user to prepare more advanced attacks. Attack details No details are available. View HTTP headers Request GET /client HTTP/1.0 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) Host: www.insta-hosting.com Connection: Close Pragma: no-cache Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION) Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htmResponse HTTP/1.1 301 Moved Permanently Date: Wed, 09 Jul 2008 15:49:32 GMT Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Location: http://www.insta-hosting.com/client/ Content-Length: 423 Connection: close Content-Type: text/html; charset=iso-8859-1 View HTML response Launch the attack with HTTP Editor How to fix this vulnerability Restrict access to this directory or remove it from the website. Link to comment Share on other sites More sharing options...
Recommended Posts