Hi All,

 

It's been a while since I've been on any phpfreaks forum, so please forgive me if I misunderstand the purpose of this particular board, but I've been developing a script called Nexus for some time now and it's approaching what I hope to be a relatively stable state.  If anyone can give it a good run-through, it would be very much appreciated:

 

http://www.iwonderdesigns/nexus/demo

 

It's a file management application somewhat in the vein of box.net or any other of the many, many hosted solutions.  But it's meant more for LAN environments or any other private hosting environment.

 

Thank you very much,

Karim

Link to comment
https://forums.phpfreaks.com/topic/50599-nexus-beta-testing/

Cross Site Scripting:

http://www.iwonderdesigns.com/nexus/demo/index.php?</script><marquee><h1>vulnerable</marquee>

 

Cross Site Scripting:

There is Cross Site Scripting if you post a comment that contains code.

 

Cross Site Scripting:

There is Cross Site Scripting if your password contains ">code.

 

Cross Site Scripting:

There is Cross Site Scripting if your username contains ">code.

 

Full Path Disclosure:

Warning: parse_url() [function.parse-url]: Unable to parse URL in /home/iwonderd/public_html/nexus/demo/include/iwonder/lib/xajax/xajax.inc.php on line 873

 

Includes Directory:

http://www.iwonderdesigns.com/includes/

 

Includes Directory:

http://www.iwonderdesigns.com/nexus/demo/include/

 

SQL Injection:

http://www.iwonderdesigns.com/nexus/demo/index.php?a=view_doc&id=6 AND 1=1

http://www.iwonderdesigns.com/nexus/demo/index.php?a=view_doc&id=6 AND 1=2

 

User Enumeration:

http://www.iwonderdesigns.com/~root

 

User Enumeration:

http://www.iwonderdesigns.com/~iwonderd

Link to comment
https://forums.phpfreaks.com/topic/50599-nexus-beta-testing/#findComment-248751
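
An added example, not part of either post and not Nexus code: one way to close the `view_doc` SQL injection, the script injection through comments, usernames and the query string, and the path disclosure reported above. The `docs` table, its columns, and the `e()` and `view_doc()` helpers are assumptions made for illustration, and the sample row is constructed.

```php
<?php
// Added example, not Nexus source. Schema and function names are hypothetical.
declare(strict_types=1);

// Path disclosure: keep warnings out of responses, send them to the server log.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Encode untrusted text for HTML body and quoted-attribute contexts.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// view_doc: accept only a positive integer id and bind it as a parameter.
function view_doc(PDO $db, $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // "6 AND 1=1" is rejected before any SQL runs
    }
    $stmt = $db->prepare('SELECT id, title, comment FROM docs WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE docs (id INTEGER PRIMARY KEY, title TEXT, comment TEXT)');
$db->prepare('INSERT INTO docs VALUES (6, ?, ?)')
   ->execute(['Report', '"><marquee>vulnerable</marquee>']);

// Same inputs as the URLs in the report: only the plain integer reaches the query.
foreach (['6', '6 AND 1=1', '6 AND 1=2'] as $rawId) {
    $doc = view_doc($db, $rawId);
    echo $doc === null
        ? "id=" . e($rawId) . ": rejected\n"
        : "id=" . e($rawId) . ": " . e($doc['title']) . " / " . e($doc['comment']) . "\n";
}
```

The exposed `include/` directories and the `~user` URLs are web-server configuration issues and are not addressed by application code like this.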