Search Results

Search found 3 results on 1 pages for 'heldrida'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • Penetration testing with Nikto, unknown results found

    - by heldrida
    I've scanned my new webserver and I'm surprised to find that in the results there's programs that I never installed. This is a fresh new install of Ubuntu 12.04 and just installed Php 5.3, mysql, fail2ban, apache2, git, a few other things. Not sure if related, but I've got Wordpress installed but this doesn't have anything to do with myphpnuke does it? I'd like to understand why am I getting this results ? + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-3931: /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-3931: /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Thanks for looking!

    Read the article

  • PHP functions wont work with String object, but works with it typed manually

    - by heldrida
    Hi, I'm trying to strip tags from a text output coming from an object. The problem is, that I can't. If I type it manually like "<p>http://www.mylink.com</p>", it works fine! When doing echo $item->text; it gives me the same string "<p>http://www.mylink.com</p>"; Doing var_dump or even gettype, gives me a string(). So, I'm sure its a string, but it's not acting like it, I tried several functions preg_replace, preg_match, strip_Tags, none worked. How can I solve this situation, how to debug it ? $search = array("<p>", "</p>"); $switch = array("foo", "baa"); //works just fine, when used $text = "<p>http://www.mylink.com</p>"; //it's a string for sure! var_dump($item->introtext); $text = $item->introtext; //doesn't work $text = str_replace($search, $switch, $text); $text = strip_tags($text, "<p>"); //doesn't work either. $matches = array(); $pattern = '/<p>(.*)<\/p>/'; preg_match($pattern, $text, $matches); //gives me the following output: <p>http://www.omeulink.com</p> echo $text;

    Read the article

  • $_POST goes empty after adding a new input type "file"

    - by heldrida
    Hi, I'm not finding a way to understand and fix this and I've done a lot. I've got a script, wish is a simple form, that sends a file trough POST. The second file, process the info. By default, I give to the user a few fields, one of them being a input field of type "file" and there's also, a few "hidden" one's, that gives me values to work with on POST. I found that, when adding a new input of type "file", the $_POST returns array 0, even $_FILES returns nothing. I have no idea how to fix this, and it works just fine when keeping the default input box of type "file". This is the form http://pastie.org/872488 This only happens when: Exists! var_dump( $_POST ), or $_FILES, print_r(), etc Returns nothing. I've tryed to create a array on the input of type "files", like img_p_child[], but nothing. How to solve this ? Thanks for taking your time!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1