ron8000 Posted July 5, 2008 Share Posted July 5, 2008 Hello All, I have created some custom framework software and I am putting it live soon and would like someone to test and destory it for me The site is www.NinjaTrades.com/ron_demo all of the payment stuff is there when you signup for an account. just use 123 as the CVV Can't wait for some feedback! -Ron Link to comment Share on other sites More sharing options...
Coreye Posted July 5, 2008 Share Posted July 5, 2008 Cross Site Scripting(XSS): https://triton.heritagewebdesign.com/~mehra08/ron_demo/index.php?TASK=LOGIN&MODULE="><marquee><h1>Corey Full Path Disclosure: https://triton.heritagewebdesign.com/~mehra08/ron_demo/index.php?TASK=LOGIN&MODULE[] Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /usr/home/mehra08/private/classes/DBConn.php on line 482 Link to comment Share on other sites More sharing options...
ron8000 Posted July 5, 2008 Author Share Posted July 5, 2008 Thank you, I think i've solved these problems thru-out the stie Link to comment Share on other sites More sharing options...
Recommended Posts