iShaun Posted September 28, 2008 Share Posted September 28, 2008 Please review the security/looks/functionality of my new forums software located here: http://sb.shaunsnetwork.com/ You may login with the credentials: Username: test Password: test With this account, you can post new topics and replies in the "Test Forum". Some functionality isn't working yet, but test and review whats there. Thanks, -Shaun (Head Developer) Link to comment Share on other sites More sharing options...
Coreye Posted September 28, 2008 Share Posted September 28, 2008 Full Path Disclosure: http://sb.shaunsnetwork.com/?act=viewboard Fatal error: Call to undefined method act_viewboard::internal_error() in /home/shaunsne/public_html/software/shaunsboards/actions/viewboard.php on line 58 Full Path Disclosure: http://sb.shaunsnetwork.com/?act=viewtopic Fatal error: Call to undefined method act_viewtopic::internal_error() in /home/shaunsne/public_html/software/shaunsboards/actions/viewtopic.php on line 58 Full Path Disclosure: http://sb.shaunsnetwork.com/?act=newtopic Fatal error: Call to undefined method core::internal_error() in /home/shaunsne/public_html/software/shaunsboards/actions/newtopic.php on line 64 Link to comment Share on other sites More sharing options...
iShaun Posted September 29, 2008 Author Share Posted September 29, 2008 I haven't made the function yet, but it just displays an error Link to comment Share on other sites More sharing options...
darkfreaks Posted September 30, 2008 Share Posted September 30, 2008 might wanna fix that Cross Site Scripting(XSS) You have XSS in the following variables: id,username,password, submitted Please use trim(),strip_tahs and htmlspecialchars() to elimate this problem Link to comment Share on other sites More sharing options...
Recommended Posts