GoFuckYourself.com - Adult Webmaster Forum - View Single Post

raymor · 08-21-2007, 10:22 AM

It sounds like most likely the PHP settings for sending mail ay be messed up,
but I wouldn't spend much more time on that script anyway.
Anyone can log in through that script and get into your members' area
without signing up with a very simple attack that any script kiddie knows.
They just enter this information and get right in:

user: ' OR 1=1
pass: ' OR 1=1

You might want to go with a real security system like you see succesful
professional webmasters using, such as Strongbox.

08-21-2007, 10:22 AM
raymor Confirmed User Join Date: Oct 2002 Posts: 3,745	It sounds like most likely the PHP settings for sending mail ay be messed up, but I wouldn't spend much more time on that script anyway. Anyone can log in through that script and get into your members' area without signing up with a very simple attack that any script kiddie knows. They just enter this information and get right in: user: ' OR 1=1 pass: ' OR 1=1 You might want to go with a real security system like you see succesful professional webmasters using, such as Strongbox. __________________ For historical display only. This information is not current: support@bettercgi.com ICQ 7208627 Strongbox - The next generation in site security Throttlebox - The next generation in bandwidth control Clonebox - Backup and disaster recovery on steroids