xiao Posted December 14, 2007 Share Posted December 14, 2007 I've made this script for my CS:S clan. Link You can click quite some numbers on the index page, changing GET variables. There's also an admin panel somewhere. Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/ Share on other sites More sharing options...
agentsteal Posted December 15, 2007 Share Posted December 15, 2007 Cross Site Scripting: There is Cross Site Scripting if the Expect header contains code. Log: http://www.gfx-depot.com/league/log.txt Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-415254 Share on other sites More sharing options...
xiao Posted December 15, 2007 Author Share Posted December 15, 2007 I forgot to delete that log, it's stored somewhere else now. How can I fix the Expect Header vulnerability? Or can only my Host do that? Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-415273 Share on other sites More sharing options...
xiao Posted December 15, 2007 Author Share Posted December 15, 2007 Anyone else finds something? Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-415782 Share on other sites More sharing options...
beansandsausages Posted December 20, 2007 Share Posted December 20, 2007 screwed the layout up : http://www.gfx-depot.com/league/index.php/"> Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-419301 Share on other sites More sharing options...
beansandsausages Posted December 20, 2007 Share Posted December 20, 2007 Block this directory : http://www.gfx-depot.com/images/ Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-419303 Share on other sites More sharing options...
xiao Posted December 20, 2007 Author Share Posted December 20, 2007 screwed the layout up : http://www.gfx-depot.com/league/index.php/"> How do I fix that? Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-419455 Share on other sites More sharing options...
xiao Posted December 20, 2007 Author Share Posted December 20, 2007 I think I'm gonna leave it like that. If a hacker wants to see my layout without CSS, I'll give him that opportunity :-) Link to comment https://forums.phpfreaks.com/topic/81753-ladder-script/#findComment-419769 Share on other sites More sharing options...
Recommended Posts