Exploit free cms

**PremiumEye** · 05-02-13

Originally Posted by Quackster

XSS isn't an SQL injection

It means

Code:

cross site scripting

I didn't say it's the same. I only wanted to give an example of another hack posibility

Originally Posted by r63

SQL and XSS are two different things. Using Mysql real escape string doesn't fully protect you against code injection either. You also need to remove all html tags using strip-tags.

I know. I never said it's the same. I only wanted to give an example of another hack posibility

**The General** · 05-02-13

Originally Posted by FlyHotel

Thank you :D The cms is uploading without SWFs and c_images, i will post the download link here when its done.

EDIT:

Upload is done without SWFs and c_images. Downloadlink; https://mega.co.nz/#!OY4DnLYa!TbydMR...6UPIARzUmI_a64

I hope you can find the exploits for me, really thank you that you do this for me.

Why is it still 167 mb? A regular CMS is nothing more than 30 mb...

**FlyHotel** · 05-02-13

Originally Posted by tdid

Why is it still 167 mb? A regular CMS is nothing more than 30 mb...

The CMS has big files thats why it is 167 mb

Originally Posted by r63

I could fuck your site up using JavaScript if you don't clear HTML tags, if you don't know what HTML tags are I suggest you start learning.

I'm removing al the </html> tags do i have to remove this to; <?php echo stripslashes(htmlspecialchars($room['caption'])); ?> ??

**r63** · 05-02-13

Originally Posted by FlyHotel

I'm removing al the </html> tags

Idiot.

**PremiumEye** · 05-02-13

Originally Posted by FlyHotel

I'm removing al the </html> tags do i have to remove this to; <?php echo stripslashes(htmlspecialchars($room['caption'])); ?> ??

Do you understand anything about html/php/css/mysql?

**Quackster** · 06-02-13

Originally Posted by PremiumEye

Do you understand anything about html/php/css/mysql?

You only need to understand PHP. In this case MySQL and CSS are irrelevant.

/le sigh. humanity has failed.

**FlyHotel** · 06-02-13

Originally Posted by PremiumEye

Do you understand anything about html/php/css/mysql?

A little bit not enough to make perfect stuff.

**r63** · 06-02-13

Originally Posted by FlyHotel

A little bit not enough to make perfect stuff.

Write <script type="text/javascript">alert("idk");</script> into any search bar or input field in your CMS and you should understand what I mean. I am writing this on my phone so if I've missed any < > or "s that's why.

**V for Vendetta** · 06-02-13

I don't see a point of using such HTML tags, onto such CMS. Just makes it clear obvious that it's full of Exploits and that the whole title is just misleading.

Exploit free cms

Thread Tools

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Re: Exploit free cms

Advertisement