BillyBoB Posted July 9, 2007 Author Share Posted July 9, 2007 btw: I just tried to register the username Tester and p/w password and it said it worked... (Yeah I know you not to, but I couldn't resist.) roflmao now no one can login with tester cause I need to validate the account (but the email I used to reg was "password") xD fixed Pass should be Helper Link to comment Share on other sites More sharing options...
BillyBoB Posted July 9, 2007 Author Share Posted July 9, 2007 the xss should be deleted out of sb please check Link to comment Share on other sites More sharing options...
davidg80 Posted October 28, 2007 Share Posted October 28, 2007 You should protect directory: http://dreamshowstudios.net/inc/ Better yet tell Apache/2.2.4 (Fedora) Server to handle .inc files with php. Do the same for all file extensions you use ex: .class,.php,.inc, etc. Link to comment Share on other sites More sharing options...
davidg80 Posted October 28, 2007 Share Posted October 28, 2007 SQL Injection at: http://dreamshowstudios.net/members.php?user=Tester'%20AND%20'1'='0 Link to comment Share on other sites More sharing options...
Recommended Posts