Zepo. Posted August 7, 2007 Share Posted August 7, 2007 http://cashladders.com/ladders/ If you find any errors or thing out of place please tell me. Also any security exploits. Link to comment Share on other sites More sharing options...
agentsteal Posted August 7, 2007 Share Posted August 7, 2007 Array: http://www.cashladders.com/ladders/king.php?ladder[] Cross Site Scripting: http://www.cashladders.com/ladders/challenge.php?login[cid]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/challenge.php?login[id]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/challengedb.php?chall[ladderid]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/join.php?action=jointourney&login[id]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/king.php?ladder='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/report.php?login[wid]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/standings.php?ladder[id]=1&ladder[rank]=1&ladder[unranked]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.cashladders.com/ladders/matchdb.php?matchdb[ladderid]='><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting if the War Details contain </textarea>code. Cross Site Scripting: There is Cross Site Scripting if your username contains '>code. Cross Site Scripting: There is Cross Site Scripting when you register if the fields contain 'code. Drop Down Menu: If you edit the Timezone drop down menu you can set it to arbitrary values. Full Path Disclosure: http://www.cashladders.com/ladders/admin_3strikes.php Full Path Disclosure: http://www.cashladders.com/ladders/admin_3strikes_add.php Full Path Disclosure: http://www.cashladders.com/ladders/admin_report_db.php Full Path Disclosure: http://www.cashladders.com/ladders/challengedb.php?chall[start][] Full Path Disclosure: http://www.cashladders.com/ladders/html.php Full Path Disclosure: http://www.cashladders.com/ladders/king.php?matchdb[start][] Full Path Disclosure: http://www.cashladders.com/ladders/level.php Full Path Disclosure: http://www.cashladders.com/ladders/matchdb.php?matchdb[start][] Full Path Disclosure: http://www.cashladders.com/ladders/news_inc.php Full Path Disclosure: http://www.cashladders.com/ladders/ranks_inc.php Full Path Disclosure: http://www.cashladders.com/ladders/report_inc_db.php Full Path Disclosure: http://www.cashladders.com/ladders/strikes_main.php SQL Error: http://www.cashladders.com/ladders/king.php?matchdb[start]=' Error in result_king Link to comment Share on other sites More sharing options...
Daniel0 Posted August 7, 2007 Share Posted August 7, 2007 You think you could perhaps look a little longer before posting instead of posting 11 in a row in less than an hour? It can't be that hard to open notepad or something and write it in, then paste it in the post box when you think you're done. In apply.php it says: %nbsp;Email: Link to comment Share on other sites More sharing options...
Zepo. Posted August 7, 2007 Author Share Posted August 7, 2007 Wow it looks like imma be patching a lot of XSS's lol. I'll get to work. So almost all of these i just gotta make it allow only numeric values right? Is this the code? if ($login[id] && !is_numeric($login[id])) { error("You have specified an Invalid Login ID!"); } If it is how would i apply it to more then just $login[id]? Link to comment Share on other sites More sharing options...
phpSensei Posted August 9, 2007 Share Posted August 9, 2007 Question, How does Marquee affect your website? Does it mean people can submit html into the query? like quotes? Link to comment Share on other sites More sharing options...
Zepo. Posted August 9, 2007 Author Share Posted August 9, 2007 I did yes edit config but didnt get any errors after i did.... Link to comment Share on other sites More sharing options...
Zepo. Posted August 10, 2007 Author Share Posted August 10, 2007 Sorry, fixed it. Link to comment Share on other sites More sharing options...
Zepo. Posted August 10, 2007 Author Share Posted August 10, 2007 Damn your good dude thanks man..lol but i have a question can you encrypt some sort of call back in the script? Link to comment Share on other sites More sharing options...
Zepo. Posted August 10, 2007 Author Share Posted August 10, 2007 Nvm ill try figuring it out myself, what do you mean full disclosures? Link to comment Share on other sites More sharing options...
Zepo. Posted August 11, 2007 Author Share Posted August 11, 2007 OMG Dude your crazy helpful i owe you my life hahaha your awsome, how much is all of this gunna cost? Link to comment Share on other sites More sharing options...
Zepo. Posted August 11, 2007 Author Share Posted August 11, 2007 Its cool dude ill give u like 30$ , youve been crazy helpfull. How did you get 4 posts? Got in trouble for replying soo many times? Use the edit button lol. Link to comment Share on other sites More sharing options...
Zepo. Posted August 11, 2007 Author Share Posted August 11, 2007 Also when you post applications / tickets its possible to do <script>alert("LOL");</script> ect. Link to comment Share on other sites More sharing options...
Daniel0 Posted August 11, 2007 Share Posted August 11, 2007 How did you get 4 posts? One of the admins probably dropped it to zero because he keeps posting a lot of posts in a row like that. To me it would seem like he is just trying to up his post count, the admin probably thought the same. Link to comment Share on other sites More sharing options...
Zepo. Posted August 12, 2007 Author Share Posted August 12, 2007 Just redid the ticket system, might wanna test out. Link to comment Share on other sites More sharing options...
techiefreak05 Posted August 13, 2007 Share Posted August 13, 2007 Server Not Found. Link to comment Share on other sites More sharing options...
Recommended Posts