| Author |
Message |
Anonymous
|
Posted: 26 Jan 2007 17:03:56
My girlfriend was looking for a link exchange script and thought about trying this one. I installed it for her and decided to see if she'd get "hacked" like her last one she tried.
It took one try-- and down the link exchange went making it inoperable in the admin panel. I used very basic code, in fact it was only 10 characters long and now the admin cannot approve or delete anything on the links page.
How come this hasn't been brought up before? Better question is, why hasn't it been fixed? It's the easiest thing to do and would take just a single character substution regex.
Hmmpfh.
Before people go through the effort installing yet another *PHP* script, do NOT install this one.
Add the noscript code and disable the admin panel completely. HTML was never regexed and leaves a huge exploit open.
|
skalinks
Admin
|
Posted: 27 Jan 2007 00:46:24
Hi, Anonymous (unfortunately, I do not know your username)
I’m really glad that you have such great skills in the sites hacking.
As I said in another topic posted by you:
http://www.skalinks.com/forums/index.php?action=vthread&forum=1&topic= 776&page=0#5
Regards
|
Anonymous
|
Posted: 5 Mar 2007 16:41:11
I am other anonymus, my question is why you (anonymus) want to boder the people of this forum with alf of answer or asquing why hasn't it been fixed? .
If you have the fix for this please email the answer to the admin.
|
|
