Jump to content

Recommended Posts

Admin Access:

Anyone can get your username and password with the PHP Source Code Disclosure.

 

Directory Transversal:

There is Directory Transversal if the url field contains ../

 

Full Path Disclosure:

http://scripts.loado.com/pagegrabber/contentgrabber.php

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35

 

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36

 

Full Path Disclosure:

There is Full Path Disclosure if the url field contains an invalid value.

Warning: fopen(a) [function.fopen]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 9

 

Warning: file_get_contents(a) [function.file-get-contents]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 10

 

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35

 

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36

 

PHP Source Code Disclosure:

There is PHP Source Code Disclosure if the url field contains ../file.php.

 

User Enumeration:

http://scripts.loado.com/~admin

 

User Enumeration:

http://scripts.loado.com/~ld1

 

User Enumeration:

http://scripts.loado.com/~nobody

 

User Enumeration:

http://scripts.loado.com/~root

Link to comment
https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-467308
Share on other sites

Looks like a great idea, anyway, heres another problem:

 

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 56

 

Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 57

 

It happens after not placing any input.

Link to comment
https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470973
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.