crazy art.. testrunns

[melvincr]

hello..

 

i developed an platform for artists to present their portfolio online. the first internal testruns are over, now i want to get some more feedback until i can launch it officially..

 

you can create an account, login, post pictures and send messages (no spamcontroll yet)..

 

please don't send messages to existing users (except elnox)

 

open topics:

not everything translated right now (english, spanish, german)

design not finished (boxes don't have the same size..)

session expire (no message given)

 

thanks in advance and if you need more information please let me know..

[sinisake]

ok, now just link...

[melvincr]

thx

 

http://www.arteinsania.net/

[melvincr]

if you don't want to register you can login  with psw: test

(all useres except elnox, reschl, eugen)

[source]

xss vulnerability when I public a pic, multiple fields.'

http://www.arteinsania.net/artwork/000064

 

 

XSS vuln on edit profile page

 

 

oy, dude I can cause errors on my profile page by setting values to "> etc.. and when i saved the source and messed with the maxlength vals I was able to fuck around a lot... "lives in  none, united states" sure I could make that xss where the none is if I changed it's type to a form...

[source]

also lawl... I saved the source of someone elses send message, edited the form action to send it to myn, and send <script>alert("xss");</script>

 

and it really [pointless expletive deleted], I mean you'll see if you fill that in all fields and click send. (no alert that I could get in the 20 seconds I worked on it... :'( )

 

@source: explain it properly and politely or not at all, please.

[agentsteal]

Cross Site Scripting:

http://www.arteinsania.net/?pname=</div><marquee><h1>vulnerable</marquee>

 

Cross Site Scripting:

There is Cross Site Scripting when you register if the fields contain code.

 

Full Path Disclosure:

http://www.arteinsania.net/p_home.php

 

Full Path Disclosure:

There is Full Path Disclosure on the 404 page.

http://www.arteinsania.net/site/whatever

[melvincr]

thank you very much!

 

removed some errors, on others (xss, input data..) i'm still working..

 

i was thinking of removing the tags with a preg_replace(..) the problem is that i want to allow ():;!\/ in the description fields.. are there any finished functions i can use to make a semantic check or do i have to replace every possibility?

[source]

@agentsteal nah man, you're finding stuff I miss in my tests...

 

$var=strip_tags($var);

$var=mysql_real_escape_string($var);

 

using those two functions should alleviate any problems with xss/sql (Not saying that that's all you need.)

 

 

oh p.s. @AndyB won't happen again... but it wasn't that bad.

[melvincr]

thx

 

applied it to all input fields..

 

the full path disclosure are also fixed

[davidg80]

http://www.arteinsania.net/site.php still gives paths

[XRayden]

i'm working with firebug (one of the best plugin a developper can have) and it return only 4 error.

 

it seams in the script they find 4 404 errors.

 

but... anyway :

 

syntax error

http://www.arteinsania.net/js/builder.js

Line 1

syntax error

http://www.arteinsania.net/js/dragdrop.js

Line 1

syntax error

http://www.arteinsania.net/js/controls.js

Line 1

syntax error

http://www.arteinsania.net/js/slider.js

Line 1

 

one of your script is calling /js/ some scripts, and they gives a 404 page.

[melvincr]

davidg80: thanks! just fixed it

 

XRayden: thanks! i know this problem, it´s a 3rd party thing.. i´m currently working on a new version, which will have this fixed.