Zepo. Posted July 3, 2007 Share Posted July 3, 2007 ladders.elitebattles.com Thanks!! Link to comment https://forums.phpfreaks.com/topic/58332-security-test-please/ Share on other sites More sharing options...
bluebyyou Posted July 7, 2007 Share Posted July 7, 2007 Could you create a test account? Link to comment https://forums.phpfreaks.com/topic/58332-security-test-please/#findComment-291776 Share on other sites More sharing options...
source Posted July 7, 2007 Share Posted July 7, 2007 in the top left corner there is xss vuln (i search for <script>alert("xss");</script>) etc... then it gives mysql errors... I noticed your VBULLETIN also seems to be out of date. There most likely have been security patches/checks/etc... may want to consider upgrading. I go to say http://elitebattles.com/gamelist---1-War.html and do the same search and I get a mysql display "Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/burly/public_html/pages/search.php on line 229" http://elitebattles.com/files.html also same errror with same search... http://elitebattles.com/games.html also coding your own stuff is the way to go in the future.. Link to comment https://forums.phpfreaks.com/topic/58332-security-test-please/#findComment-292007 Share on other sites More sharing options...
Recommended Posts