Jump to content

Trackflix


mrbuter

Recommended Posts

Cross Site Scripting(XSS):

You can submit ">code into the fields on the tracking page.

 

Full Path Disclosure:

http://www.trackflix.net/index.php?list=yes&trackid=a

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/calvideo/public_html/netflix/index.php on line 283

 

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/calvideo/public_html/netflix/index.php on line 284

 

Full Path Disclosure:

http://www.trackflix.net/index.php?list=yes&trackid=999999

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 4 in /home/calvideo/public_html/netflix/index.php on line 283

 

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 4 in /home/calvideo/public_html/netflix/index.php on line 284

 

Full Path Disclosure:

http://www.trackflix.net/user.php?s=participation

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 7 in /home/calvideo/public_html/netflix/user.php on line 115

 

 

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 8 in /home/calvideo/public_html/netflix/user.php on line 115

 

 

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 9 in /home/calvideo/public_html/netflix/user.php on line 115

 

 

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 10 in /home/calvideo/public_html/netflix/user.php on line 115

Link to comment
Share on other sites

uhm how can you do the xss code on the tracking page? I'm pretty sure I made it remove all letters and most characters.

 

As for the full path discolure, best way to fix that would be to just change the or die(mysql_error()) to or die("some message"); right?

 

 

Link to comment
Share on other sites

That's strange...the participation one isn't supposed to ever error out.

 

It searches the databases for the entries that the user has participated in and started. If there are 0 rows then it will say that there's nothing there (and it won't try to display anything so it shouldn't error out like that...)

 

Did you happen to do anything for that to happen?

Link to comment
Share on other sites

okay I think it's because I cant get the site to strip back slashes (\).

 

How can I get it to do that lol. I've been using str_replace

 

ex:

 

$illegal = array("a", "b", "c",..., "<", ">", "/"...etc.)

$var = str_replace($illegal, "", $var);

 

but I cant include "\" in the array. At least I can't figure out how to do it. Ideas?

Link to comment
Share on other sites

  • 2 weeks later...

User credentials are sent in clear text

 

The impact of this vulnerability

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

How to fix this vulnerability

Because user credentials usually are considered sensitive information, it is recommended to be sent to the server over an encrypted connection.

Password type input with autocomplete

The impact of this vulnerability

Possible sensitive information disclosure

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use a code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">

 

 

Link to comment
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.