Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

PearCMS

Newbie Spellweaver
Joined
Apr 17, 2012
Messages
19
Reaction score
5
Here is the PearCMS...100% VirusFree.
Demo:

Downloadlinks:
CMS:
Database:

It's Dutch...


Greetz,
bras1223
 
Newbie Spellweaver
Joined
Mar 26, 2011
Messages
68
Reaction score
7
Haha nice but your demo failed. You need to write .php after everything except the register part. But it looks so nice <3
 
Newbie Spellweaver
Joined
Oct 7, 2012
Messages
42
Reaction score
7
I don't like it at all.
Just a custom frontpage like every rename.
It makes me sick.

-Butler
 
Zephyr Studios
Loyal Member
Joined
Feb 18, 2012
Messages
1,877
Reaction score
724
Pages doesn't exist in the demo.
 
Newbie Spellweaver
Joined
Oct 7, 2012
Messages
42
Reaction score
7
Rename from Habbore ;)
And this renamed cms got exploits.

Excuse me but, why are you here?

Rename is not an edit, so if there are exploits in this rename, the are also in the original or it isn't a rename.

*cough* dumb butt *cough*

And you are so smart, because if it was an rename of Habbore there wasn't standing HABLOK in the demo link. Because hablok is an cms, as everybody knows.

-Butler
 
Newbie Spellweaver
Joined
Sep 29, 2012
Messages
53
Reaction score
4
Why do you releasy MY CMS? ...

And for your information, my CMS doesn't have exploits.. lol

@blink182sp44
- Habblok is noob, it's Habbore.. lol
 
[̲̅$̲̅(̲̅1̲̅)̲̅$ ̲̅]
Joined
May 4, 2008
Messages
831
Reaction score
741
Potential exploit in the bots page.

PHP:
 $nombre = $_POST['nombre'];
$mision = $_POST['mision'];
$ropa = $_POST['look'];
$posicionx = $_POST['posicionx'];
$posiciony = $_POST['posiciony'];
$sala = $_POST['sala'];
$estado = $_POST['estado'];
$rotacion = $_POST['rotacion'];

mysql_query("INSERT INTO `bots`(`room_id`, `name`, `motto`, `look`, `x`, `y`, `rotation`, `walk_mode`, `owner`) VALUES ('$sala', '$nombre', '$mision', '$ropa', '$posicionx', '$posiciony', '$rotacion', '$estado', '$owner')");

It doesn't look like any of the posts are filtered. This could give attackers full access to your database.



And why would you have an email flooder in your download.
bom.php (Also available on your demo site, )

PHP:
<?php 
if(isset($_POST['submit'])){ 
$content = "Dit bericht is afkomtstig van:<br><hr><b>Naam</b>: ". $_POST["naam"] ." (<b>". $leeftijd ."</b> jaar)<br>Email: ". $_POST["email"] ."<br><b>Website</b>: ". $_POST["url"] ."<br><hr>Hij schreef: <br><hr>". $content ."<br><hr>"; 
$headers .= "MIME-version: 1.0n"; 
$headers .= "Content-Type: text/html; charset=iso-8859-1n"; 
$headers .= "From: ". $_POST["from"] ."n"; 
$aantal = $_POST["aantal"]; 
$aantal = $aantal-1; 
for($i=0; $i <= $aantal; $i++){ 
$a = mail($_POST["to"],$_POST["onderwerp"],$_POST["bericht"],$headers); 
if($a){ 
echo $i .". Email verzonden<br>"; 
} 
else{ 
echo "Door fout is de email NIET verzonden"; 
} 
} 
} 
if(!isset($_POST['submit'])){ 
?> 
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST"> 
Onderwerp: <input type="text" name="onderwerp"><br> 
Van (emailadres): <input type="text" name="from"><br> 
Naar (emailadres): <input type="text" name="to"><br> 
Hoeveel mailtjes: <input type="text" name="aantal"><br> 
<textarea cols="50" rows="10" name="bericht">Bericht...</textarea><br> 
<input type="submit" name="submit" value="Stuur"> 
<?php 
} 
?>
 
Last edited:
Master Summoner
Joined
Dec 8, 2008
Messages
559
Reaction score
108
1.Exploit 2. Database's db? fail!

I'm Not Liked .
 
Back
Top