Jump to content

Test Security??

darkfreaks

By darkfreaks
in Beta Test Your Stuff!

 Share

Recommended Posts

agentsteal Newbie

agentsteal

Posted
Posted

Array:

http://vampirecity.cx-music.com/covensimwith.php?u[]

 

Array:

http://vampirecity.cx-music.com/friendswith.php?u[]

 

Array:

http://vampirecity.cx-music.com/friendsof.php?u[]

 

Array:

http://vampirecity.cx-music.com/contest.php?contest[]

 

Cross Site Scripting:

There is Cross Site Scripting if the Expect header contains code.

 

Full Path Disclosure:

http://vampirecity.cx-music.com/includes/footer.php

Warning: main(googlebottom.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/includes/footer.php on line 6

 

Full Path Disclosure:

http://vampirecity.cx-music.com/forum/includes/footer.php

Warning: main(googlebottom.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/forum/includes/footer.php on line 3

 

Warning: main() [function.include]: Failed opening 'googlebottom.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/forum/includes/footer.php on line 3

 

Full Path Disclosure:

http://vampirecity.cx-music.com/includes/commentsadd.php

Warning: main() [function.include]: Failed opening 'config.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 2

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 4

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 4

 

Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 6

 

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 6

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 8

 

Warning: mysql_close(): no MySQL-Link resource supplied in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 10

 

Warning: main(includes/footer.php) [function.main]: failed to open stream: No such file or directory in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 136

 

Warning: main() [function.include]: Failed opening 'includes/footer.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/www/vampirecity.cx-music.com/includes/commentsadd.php on line 136

 

Full Path Disclosure:

http://vampirecity.cx-music.com/includes/usersonline.php

Parse error: parse error, unexpected T_VARIABLE in /home/www/vampirecity.cx-music.com/includes/usersonline.php on line 7

 

Full Path Disclosure:

There is Full Path Disclosure if the PHPSESSID cookie is set to an invalid value.

Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: Cannot modify header information - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 11

 

Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 10

 

Warning: Cannot modify header information - headers already sent by (output started at /home/www/vampirecity.cx-music.com/includes/header2.php:10) in /home/www/vampirecity.cx-music.com/includes/header2.php on line 11

 

Includes Directory:

http://vampirecity.cx-music.com/includes/

 

Includes Directory:

http://vampirecity.cx-music.com/forum/includes/

 

Log File:

http://vampirecity.cx-music.com/images/WS_FTP.LOG

Link to comment
https://forums.phpfreaks.com/topic/90532-test-security/#findComment-464215
Share on other sites
  • 2 weeks later...
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.