Welcome, Guest.
Please login or register.

Home Calendar Search Register Login

Welcome to the E-Blah Community!
We would like to welcome you to our community and invite you to register an account or login.
Being a registered member is important, as it gives you several advantages over the normal Guest status. After registering you will be able to download files and images, post messages, and access member-only portions of the forum - just to name a few. Registration is quick and simple, and only takes about a minute of your time.

E-Blah Community  ›  E-Blah Discussion  ›  E-Blah Bugs  ›  EBlah is XSS vulnerable

Users Browsing Forum Googlebot and 1 Guests

EBlah is XSS vulnerable  This thread currently has 2,572 views.

1 Pages 1 Recommend Thread
Ol	December 24, 2005, 1:21pm Report to Moderator
E-Blah Member Posts: 5 Posts Per Day: 0.00 Reputation: 100.00% Time Online: 3 hours 12 minutes	Password can be easily stealed, even if it's encoded, even if permissions on username.dat is 0600. I'm very, very unhappy. It was a bad idea leave input on user's choice without checking. up to 9.6 version vulnerable (haven't checked 9.7).
Logged Offline	Private message
Justin	December 24, 2005, 1:27pm Report to Moderator
The E-Blah Developer E-Blah Programmer Posts: 15,196 Gender: Male Posts Per Day: 4.37 Reputation: 93.25% Reputation Score: +304 / -22 Time Online: 37 days 19 hours 48 minutes Location: Tallassee, AL Age: 25	And this happened ... where? I do installs for $25 and upgrades for $20. Technical support is always free.   Donate to E-Blah!   My Websites: Revolution Reality (My Blog)  | Portfolio "But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline	Site Private message Reply: 1 - 3
Ol	December 26, 2005, 10:48am Report to Moderator
E-Blah Member Posts: 5 Posts Per Day: 0.00 Reputation: 100.00% Time Online: 3 hours 12 minutes	That bugfix, posted in news board makes impossible to change theme or language preference in user profile. Please fix.
Logged Offline	Private message Reply: 2 - 3
Justin	December 26, 2005, 11:00am Report to Moderator
The E-Blah Developer E-Blah Programmer Posts: 15,196 Gender: Male Posts Per Day: 4.37 Reputation: 93.25% Reputation Score: +304 / -22 Time Online: 37 days 19 hours 48 minutes Location: Tallassee, AL Age: 25	Add this: Code $FORM{'theme'} =~ s/|/\|/g; After this: Code } elsif($FORM{'caller'} == 8) { ProfileEdit.pl I do installs for $25 and upgrades for $20. Technical support is always free.   Donate to E-Blah!   My Websites: Revolution Reality (My Blog)  | Portfolio "But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline	Site Private message Reply: 3 - 3
1 Pages 1 Recommend Thread

E-Blah Community  ›  E-Blah Discussion  ›  E-Blah Bugs  ›  EBlah is XSS vulnerable NewsForum UpdatesChit - ChatInstall IssuesForum SupportQuestion and AnswerE-Blah FeaturesE-Blah BugsLanguage SupportThemes and Images    E-Blah 10.x Mods    Mod Requests and Support    Modification Archive    Web Hosting    Showcase    Portal Modifications    e-dir Discussion        General E-Blah SQL