Bravo List


Ashur 27th June 2009 16:59

YSE v2.0 PRE6
 
yep just went on the YSE site and found there is
YSE v2.0 (18.05.07) Pre 6 RC 0 (update 13.07.09)


Translated with GOOGLE:
Quote:

Well

FILES only for those people who have sign up for an account and those who activate your account BY MAIL!

26.04.09
Delete files + fix security forum.
Wait footprint. update - deletion of integration with the forum.

09.07.09
Fixed bug associated with ban ip and its conversion to 127.255.255.255

13.07.09
A little edit, a partial de-integration of the forum, minor edits.
maybe this is not significant but just letting you know :D

cheers

kp380lv 27th June 2009 19:15

There are still many security holes in this updated version...

Gerxx13 20th July 2009 17:26

Is this version in Russian or English? :sos:
EDIT:
In Russian, no thanks :D

AlaminT 27th July 2009 15:05

Quote:

Originally Posted by kp380lv (Post 12733)
There are still many security holes in this updated version...

I think that you have a slightly prejudiced view ;)

HAVE you REALLY checked? :) If so - post the bugs, and they will be fixed

to TS: TBDev v2.0 (18.05.07) Pre 6 RC 0 (update 13.07.09) :P

kp380lv 27th July 2009 18:16

lol
 
AlaminT

OK, you say that this version is very safe!? No, you know the truth: there are still holes - why don't you just fix them if you are so smart?

Holes and security vulnerabilities:

news.php
details.php
modtask.php
userdetails.php
and so I can continue.... Other files also have holes or security vulnerabilities... I post only a few file names where the problems are, but I say that there are still security problems...

AlaminT 29th July 2009 10:10

oh, details? really?

news - you mean xss in title or returnto? :)
modtask
userdetails

I think what you are posting are not holes; post, please, go on, post...

kp380lv 29th July 2009 13:56

AlaminT

news.php

Code:

$body = $_POST["body"];
should be:

Code:

$body = htmlspecialchars($_POST["body"],ENT_QUOTES);
I hope you understand what I'm talking about..

AlaminT 29th July 2009 22:07

useless:

block-news.php:

Code:

format_comment($array['body'])
why?

PHP Code:

function format_comment($text, $strip_html = true) {

    if ($strip_html)
        $s = htmlspecialchars_uni($s);

so there is NO VULNERABILITY, and your "fix" will only "break" things: "&" in text will become "&amp;", e.g. you write "Command & Conquer 3" in the news, and it instead writes out "Command &amp; Conquer 3"
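
The disagreement above is about where the news body gets HTML-escaped: once on output, on input and again on output, or not at all. The following is an added example, not code from this thread or from YSE/TBDev; `render_body()`, `displayed_text()` and `verdict()` are hypothetical helpers and the sample strings are constructed.

```php
<?php
// Added example, not YSE/TBDev code. render_body() is a hypothetical stand-in
// for an output helper that escapes only when $strip_html is true.
function render_body(string $text, bool $strip_html = true): string
{
    return $strip_html ? htmlspecialchars($text, ENT_QUOTES, 'UTF-8') : $text;
}

// What a browser would display as text: decode entities exactly once.
function displayed_text(string $html): string
{
    return html_entity_decode($html, ENT_QUOTES, 'UTF-8');
}

// Classify one rendered output against the text the author typed.
function verdict(string $raw, string $html): string
{
    if (strpbrk($html, '<>') !== false) {
        return 'UNESCAPED markup reaches the page';
    }
    return displayed_text($html) === $raw ? 'ok' : 'DOUBLE-ENCODED, text corrupted';
}

// Constructed sample submissions, not taken from the thread's site.
$samples = ['Command & Conquer 3', '<i>patch notes</i> & fixes'];

foreach ($samples as $raw) {
    $pre = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8'); // escaped on input
    $paths = [
        'raw stored, escaped on output'  => render_body($raw),
        'escaped on input and on output' => render_body($pre),
        'raw stored, output not escaped' => render_body($raw, false),
    ];
    echo "input: $raw\n";
    foreach ($paths as $label => $html) {
        printf("  %-32s %-40s %s\n", $label, $html, verdict($raw, $html));
    }
}
```

The unescaped path reports ok for the first sample and fails only on the second, so a missing output escape can go unnoticed when testing with ordinary text.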

kp380lv 30th July 2009 10:53

Are you sure?

details.php

PHP Code:

$id = $_GET["id"];

should be:

PHP Code:

$id = (int) $_GET["id"]; 

So there is security vulnerabilities...

Or better change this to:

PHP Code:

if (!is_valid_id($_GET['id']))
    stderr($tracker_lang['error'], $tracker_lang['invalid_id']);
$id = (int) $_GET["id"];


Bigjoos 30th July 2009 12:01

kp380lv, I thought you would have picked up on this after we told you on TBDev about the exact same stuff - the body you post about is under format_comment, like said, so learn to look deeper at code.

You say

0 + should be (int) ? - Again I don't agree there, as they both do pretty much the same job :)

Again, you're pushing an issue that's going to bite you in the arse - go back to a test code and start learning - funny thing is all these so-called exploits .. I'd like to see the people that claim there's an exploit actually craft one and do damage - 90% of it is all talk.

