charliepage Posted October 29, 2007 Share Posted October 29, 2007 http://www.iraqresearch.org I'm more interested in whether the CMS running it has security issues and if so, what they are. There are no direct links to it at the moment but to login it's /login.html and /register.html . Any problems found would be nice to know about, thank you. Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/ Share on other sites More sharing options...
XRayden Posted October 29, 2007 Share Posted October 29, 2007 i'm unable to connect. page is blank but i've got the favicon Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/#findComment-380641 Share on other sites More sharing options...
charliepage Posted October 29, 2007 Author Share Posted October 29, 2007 Yeah, I'm sorry about that. Hosting started having issues just about 5 minutes ago, I'll post here once it is working okay. Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/#findComment-380648 Share on other sites More sharing options...
charliepage Posted October 29, 2007 Author Share Posted October 29, 2007 Alright, it should be working now. Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/#findComment-380654 Share on other sites More sharing options...
agentsteal Posted October 29, 2007 Share Posted October 29, 2007 Insecure Cookie: You shouldn't put the password in the cookie. Insecure Cookie: You shouldn't put the username in the cookie. URL Inclusion: http://www.iraqresearch.org/go/google.com User Enumeration: http://www.iraqresearch.org/~nobody User Enumeration: http://www.iraqresearch.org/~root Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/#findComment-380678 Share on other sites More sharing options...
charliepage Posted October 29, 2007 Author Share Posted October 29, 2007 Quote You shouldn't put the username and password in the cookie. You mean the value of the username and password, how do I validate there info then? Quote URL inclusion: http://www.iraqresearch.org/go/google.com If I check that the URL is valid, is that a problem still and if so, why? (just curious) Quote User Enumeration: http://www.iraqresearch.org/~root User Enumeration: http://www.iraqresearch.org/~nobody I'm a bit confused about this, what this does and why it's bad? Thank you. Link to comment https://forums.phpfreaks.com/topic/75167-site-needs-to-be-tested/#findComment-380693 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.