UrbanTwitch Posted September 28, 2008 Share Posted September 28, 2008 In the past few months, I've been coding. I have been making a profile system along with a gallary. If you would, please take the time to visit my site and beta test for ANY kind of bugs you see. Weather it be style, coded, or even generic bugs. Post' em. http://sodadome.com Link to comment Share on other sites More sharing options...
Coreye Posted September 28, 2008 Share Posted September 28, 2008 Cross Site Scripting(XSS): You can submit ">code when logging in and it executes on the next page. Cross Site Scripting(XSS): You can submit ">code when adding comments to the news articles. Cross Site Scripting(XSS): You can submit ">code when sending PM's. Includes directory: http://sodadome.com/includes/ Full Path Path Disclosure: http://sodadome.com/includes/footer.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 7 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 7 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 7 Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 8 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 8 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 8 Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 9 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 9 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 9 Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 10 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 10 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 10 Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 11 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 11 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 12 Warning: mysql_query() [function.mysql-query]: Access denied for user 'jsfdan'@'localhost' (using password: NO) in /home/jsfdan/public_html/includes/footer.php on line 14 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jsfdan/public_html/includes/footer.php on line 14 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/jsfdan/public_html/includes/footer.php on line 14 Full Path Disclosure: http://sodadome.com/reg.php Fatal error: Cannot redeclare protect() (previously declared in /home/jsfdan/public_html/config.php:50) in /home/jsfdan/public_html/config.php on line 60 Full Path Disclosure: http://sodadome.com/CaptchaSecurityImages.php?width[] Fatal error: Unsupported operand types in /home/jsfdan/public_html/CaptchaSecurityImages.php on line 52 Full Path Disclosure: http://sodadome.com/friendrequest.php?user[] Warning: htmlspecialchars() expects parameter 1 to be string, array given in /home/jsfdan/public_html/friendrequest.php on line 23 Link to comment Share on other sites More sharing options...
UrbanTwitch Posted September 28, 2008 Author Share Posted September 28, 2008 No worries about the full path closure. How do I remove the ability to post scripts in the areas you mentioned and how did get a blank username getting passed the filter? Link to comment Share on other sites More sharing options...
Recommended Posts