jtreanor Posted March 29, 2011 Share Posted March 29, 2011 Hello! I have spent the last several weeks working on a content management system for a first year university project. I'm quite happy with where its at and I'd really appreciate if you could have a quick look for security issues. http://cs1.ucc.ie/~jct1/cs1109/lab18 The site itself is backed by my cms and just contains a guide on how to use the backend. Proof of ownership: http://cs1.ucc.ie/~jct1/cs1109/lab18/phpfreaks.txt Thanks in advance! James Link to comment https://forums.phpfreaks.com/topic/232042-is-my-cms-secure/ Share on other sites More sharing options...
pastcow Posted April 14, 2011 Share Posted April 14, 2011 Your CMS has heaps of security issues. Without much effort I was able to obtain admin access. A few issues include: Cross Site Request Forgeries SQL Injection Weak account policies msg me if you want full details. proof: http://cs1.ucc.ie/~jct1/cs1109/lab18/index.php?article_id=80 (check the sourcecode) Link to comment https://forums.phpfreaks.com/topic/232042-is-my-cms-secure/#findComment-1201381 Share on other sites More sharing options...
jtreanor Posted May 16, 2011 Author Share Posted May 16, 2011 Hello again! I have improved some security issues with the site so I'd appreciate if you could have another look. Or PM me how you got in the first time. Thanks, James Link to comment https://forums.phpfreaks.com/topic/232042-is-my-cms-secure/#findComment-1215950 Share on other sites More sharing options...
Recommended Posts