Security Researcher (Ragezone vulnerability)

[Eletroplus]

Dear community

Admins contact with me!

You must be registered to see links

or skype: louc000

vulnerability 1 (mysql error):

You must be registered to see links

vulnerability 2 (Open Redirect): https://forum.ragezone.com/redirect-to/?redirect=https://twitter.com/Eletroplus

​

 

[MentaL]

1: SQL connection limit has been reached, not a vulnerability just my.cnf limit rearched.
2: Redirect is open and always has been, its a part of our link logging system with vbulletin.

 

[Eletroplus]

1: SQL connection limit has been reached, not a vulnerability just my.cnf limit rearched.
2: Redirect is open and always has been, its a part of our link logging system with vbulletin.

XSS > Also part of your system?

You must be registered to see links

:closedeyes:

 

[ThuGie]

Of course it is, how else are we going to troll each other ?

 

[Kreeate]

#Closed

 

[MentaL]

189.110.84.173 - - [10/Nov/2016:01:38:23 +0000] "GET /redirect-to/?redirect=https://www.xssposed.org HTTP/1.1" 301 617 "https://www.openbugbounty.org/incidents/110930/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0"
189.110.84.173 - - [10/Nov/2016:01:38:58 +0000] "GET /redirect-to/?redirect=https://twitter.com/Eletroplus HTTP/1.1" 301 617 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0"
189.110.84.173 - - [11/Nov/2016:18:59:09 +0000] "GET /cache.php?img=i.imgur.com/DAG6Ttb.png HTTP/1.1" 301 617 "http://forum.ragezone.com/members/176864.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0"


Ugh....

deception ... not good!