Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > Yuna Scatari Edition (YSE)
Reply
  #1  
Old 10th March 2009, 22:36
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Exclamation Attention!
I'm looking guys who can help me search security holes on PRE7 v2.2.

Who knows how to look's XSS hole and SQL subscribe HERE to help make better YSE PRE7!

Objective:

Search for security holes
Search functionality errors.

Preview of XSS hole: stats.php

Code:
$uporder = $_GET['uporder'];
$catorder =$_GET["catorder"];
Should be to

Code:
$uporder = intval($_GET['uporder']);
$catorder = intval($_GET["catorder"]);

P.S

I create new theme too for this version;)
Reply With Quote
The Following User Says Thank You to kp380lv For This Useful Post:
shadow1992 (11th March 2009)
  #2  
Old 11th March 2009, 01:44
shadow1992 shadow1992 is offline
Member
 
Join Date: Nov 2008
Austria
Posts: 13
Default Ok me
Ok i am interested in cause i experience many problems with the tracker at the version 2.2 of yuna ! Such as when you install the forum for the first time and then the avatar upload and then the mail and repsect button and some things that shouldn't be there but anyway! I fixed most of them but i still need help with the other two problems!

Also i have a very interesting proposision for you please contact me at phylosopher@thehackersbay.org
Reply With Quote
Reply

Tags
attention

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 13:22. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.