techiefreak05 Posted May 11, 2007 Share Posted May 11, 2007 zwmster media, corp has just launched the beta version of its "ZWM Accounts" service, its a service that is similar to Google Accounts, we offer several services in development in which you can test. Most of the services are fairly limited but a good enough basis to launch the BETA accounts. There are only 50 accounts open, so hurry and sign up here: http://zwmster.com/reg Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/ Share on other sites More sharing options...
john010117 Posted May 11, 2007 Share Posted May 11, 2007 The registration form doesn't work... It only shows the template after I've submitted the form. Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-250230 Share on other sites More sharing options...
agentsteal Posted May 11, 2007 Share Posted May 11, 2007 Cross Site Scripting: http://www.zwmster.com/?query="><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.zwmster.com/reg/reg.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting if the Expect header contains code. Full Path Disclosure: http://www.zwmster.com/?lang=a Fatal error: main() [function.require]: Failed opening required './languages/a-language.php' (include_path='.:/usr/local/lib/php') in /homepages/5/d191754224/htdocs/search/search.php on line 48 Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-250233 Share on other sites More sharing options...
techiefreak05 Posted May 13, 2007 Author Share Posted May 13, 2007 holy cow... still lots of work to do... wow. How would I go about fixing those cross site scripting vulnerabilities? ive also fixed the registration form. it SHOULD work now. also, ive fixed that language error too. Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-252337 Share on other sites More sharing options...
448191 Posted May 14, 2007 Share Posted May 14, 2007 How about turning display_errors off on a published site? Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-252436 Share on other sites More sharing options...
V34 Posted May 14, 2007 Share Posted May 14, 2007 Quite the samething here. Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-253016 Share on other sites More sharing options...
V34 Posted May 14, 2007 Share Posted May 14, 2007 Dead link here: http://zwmster.com/corporate It's the link from the bottom line: -A Zwmster Media, Corp Service- I don't know if this is the kind of bug you're looking for, but the "Did you mean?" - Doesn't seem to be so functional: http://zwmster.com/?query=XDD&search=1 Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-253020 Share on other sites More sharing options...
techiefreak05 Posted May 15, 2007 Author Share Posted May 15, 2007 Yes thanks, the dead link was due to my lazyiness in creating a corporate site. And yes, everything needs work... and thats a very interesting bug u found there! Link to comment https://forums.phpfreaks.com/topic/50876-new-zwm-account-service-beta-slots-open/#findComment-253268 Share on other sites More sharing options...
Recommended Posts