Bravo List - Attention!

Bravo List (http://www.bvlist.com/index.php)

- Yuna Scatari Edition (YSE) (http://www.bvlist.com/forumdisplay.php?f=22)

- - Attention! (http://www.bvlist.com/showthread.php?t=2184)

kp380lv

10th March 2009 22:36

Attention!

I'm looking guys who can help me search security holes on PRE7 v2.2.

Who knows how to look's XSS hole and SQL subscribe HERE to help make better YSE PRE7!

Objective:

Search for security holes
Search functionality errors.

Preview of XSS hole: stats.php

Code:



$uporder = $_GET['uporder'];

$catorder =$_GET["catorder"];

Should be to

Code:



$uporder = intval($_GET['uporder']);

$catorder = intval($_GET["catorder"]);

P.S

I create new theme too for this version;)

shadow1992

11th March 2009 01:44

Ok me

Ok i am interested in cause i experience many problems with the tracker at the version 2.2 of yuna ! Such as when you install the forum for the first time and then the avatar upload and then the mail and repsect button and some things that shouldn't be there but anyway! I fixed most of them but i still need help with the other two problems!

Also i have a very interesting proposision for you please contact me at phylosopher@thehackersbay.org

All times are GMT +2. The time now is 21:33.