BMR777, posted February 6, 2009:

Hello,

My new script, Max Volume, is complete and I would really like it if you could test the script for security vulnerabilities such as SQL injection and other security-related issues.

The script is installed at: http://www.mybbmultiforums.com/mvinstall2/index.php
Verification file: http://www.mybbmultiforums.com/mvinstall2/phpfreaks.php

The script is designed so that artists can upload MP3 files to the server and listeners can listen to the songs and download them, as well as make comments on their favorite bands.

I have made some test accounts so you can try the listener or artist end of the script:

Artist Account (can upload MP3 files): username artist, password demopass
Listener Account (cannot upload MP3 files): username listener, password demopass

What I am looking for from testers is first and foremost discovery of security holes that I may have missed. Basically, users should not be able to SQL inject the site. Artists should ONLY be able to upload MP3, gif and jpg files, with listeners only able to upload gif and jpg files. Users should NOT be able to use any HTML or JavaScript on their profiles.

Anything you find would be really helpful to me. Please, if possible, post detailed results so I can replicate them and fix them.

Thanks,
Brandon
Coreye, posted February 7, 2009:

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/down.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/getartists.php?cat=Pop&sort[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/profile.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/befriend.php?friend[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/deletecomment.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/comments.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/friends.php?page[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/manageuploads.php?action[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/gallery.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/report.php?id[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/listfriends.php?view[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22

Full Path Disclosure: http://www.mybbmultiforums.com/mvinstall2/pages.php?page[]
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/mybbtest/public_html/mvinstall2/inc/functions.php on line 22
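Every finding above has the same root cause: a request parameter arrives as an array (`?id[]`) and is passed straight into `mysql_real_escape_string()`, and the resulting PHP warning is printed to the browser with the server path in it. The following is an added example of how to close both the type-confusion and the disclosure; it is not Max Volume's own code (the thread never shows functions.php), and the helper names, table and column names, and connection values are assumptions.

```php
<?php
// Added example, not from the Max Volume script. Two defensive layers:
// (1) never render PHP warnings to the client, so a stray warning can no
//     longer leak /home/.../functions.php; (2) validate every request
//     parameter by its expected type before it gets anywhere near SQL.

// Layer 1: log errors server-side instead of displaying them.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

// Layer 2 (hypothetical helpers). An array value, e.g. ?id[] or ?sort[],
// is rejected before any escaping function ever sees it.
function request_int(string $name, int $default = 0): int
{
    $raw = $_GET[$name] ?? $_POST[$name] ?? null;
    if ($raw === null || is_array($raw)) {
        return $default;                       // ?id[] lands here
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT);
    return ($value === false) ? $default : $value;
}

function request_enum(string $name, array $allowed, string $default): string
{
    $raw = $_GET[$name] ?? $_POST[$name] ?? null;
    if (!is_string($raw)) {                    // also rejects arrays
        return $default;
    }
    return in_array($raw, $allowed, true) ? $raw : $default;
}

// How a page such as getartists.php could use the helpers. Table and column
// names are assumed. The integer is bound as a prepared-statement parameter
// (mysqli shown; the mysql_* extension was removed in PHP 7), and the sort
// column is only ever one of the whitelisted literals, never raw user input.
function fetch_filenames(mysqli $db, int $artistId, string $sortColumn): array
{
    $stmt = $db->prepare("SELECT filename FROM songs WHERE artist_id = ? ORDER BY $sortColumn");
    $stmt->bind_param('i', $artistId);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

$id   = request_int('id');
$sort = request_enum('sort', ['title', 'uploaded', 'downloads'], 'title');
$db   = new mysqli('localhost', 'DB_USER', 'DB_PASS', 'DB_NAME'); // placeholders
foreach (fetch_filenames($db, $id, $sort) as $row) {
    echo htmlspecialchars($row['filename'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

Once `display_errors` is off, the `?id[]` probes return an empty or default page instead of a path; the type checks are what stop the array from reaching the query in the first place.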
BMR777 (author), posted February 7, 2009:

Thanks for testing, Coreye. I was able to fix the full path disclosures you posted. Is there anything else I need to be aware of?

Thanks,
Brandon