Search Results

Search found 3 results on 1 pages for 'heldrida'.

Page 1/1 | 1 

  • Penetration testing with Nikto, unknown results found

    - by heldrida
    I've scanned my new webserver and I'm surprised to find that in the results there's programs that I never installed. This is a fresh new install of Ubuntu 12.04 and just installed Php 5.3, mysql, fail2ban, apache2, git, a few other things. Not sure if related, but I've got Wordpress installed but this doesn't have anything to do with myphpnuke does it? I'd like to understand why am I getting this results ? + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-3931: /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-3931: /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Thanks for looking!

    Read the article

  • PHP functions wont work with String object, but works with it typed manually

    - by heldrida
    Hi, I'm trying to strip tags from a text output coming from an object. The problem is, that I can't. If I type it manually like "<p>http://www.mylink.com</p>", it works fine! When doing echo $item->text; it gives me the same string "<p>http://www.mylink.com</p>"; Doing var_dump or even gettype, gives me a string(). So, I'm sure its a string, but it's not acting like it, I tried several functions preg_replace, preg_match, strip_Tags, none worked. How can I solve this situation, how to debug it ? $search = array("<p>", "</p>"); $switch = array("foo", "baa"); //works just fine, when used $text = "<p>http://www.mylink.com</p>"; //it's a string for sure! var_dump($item->introtext); $text = $item->introtext; //doesn't work $text = str_replace($search, $switch, $text); $text = strip_tags($text, "<p>"); //doesn't work either. $matches = array(); $pattern = '/<p>(.*)<\/p>/'; preg_match($pattern, $text, $matches); //gives me the following output: <p>http://www.omeulink.com</p> echo $text;

    Read the article

  • $_POST goes empty after adding a new input type "file"

    - by heldrida
    Hi, I'm not finding a way to understand and fix this and I've done a lot. I've got a script, wish is a simple form, that sends a file trough POST. The second file, process the info. By default, I give to the user a few fields, one of them being a input field of type "file" and there's also, a few "hidden" one's, that gives me values to work with on POST. I found that, when adding a new input of type "file", the $_POST returns array 0, even $_FILES returns nothing. I have no idea how to fix this, and it works just fine when keeping the default input box of type "file". This is the form http://pastie.org/872488 This only happens when: Exists! var_dump( $_POST ), or $_FILES, print_r(), etc Returns nothing. I've tryed to create a array on the input of type "files", like img_p_child[], but nothing. How to solve this ? Thanks for taking your time!

    Read the article

1