/    Sign up×
Community /Pin to ProfileBookmark

Need help b4 i get hacked

Copy linkTweet thisAlerts:
Jun 06.2006

when i call the page like this it the alert button come out and showing the md5 hashed password and the user name i need help b4 i get hacked how to prevent this thanx in advance

[code]
index.php?id=’><script>alert(document.cookie)</script>

index.php?action=top&show=5&type=’><script>alert(document.cookie)</script>

index.php?action=top&show=’><script>alert(document.cookie)</script>&type=Artists[/code]

to post a comment
PHP

2 Comments(s)

Copy linkTweet thisAlerts:
@chazzyJun 06.2006 — don't store your password in a cookie, it's that simple.
Copy linkTweet thisAlerts:
@NogDogJun 06.2006 — Not sure what you're doing with those URL query strings, but this will make any embedded script text non-executatble:
[code=php]
foreach($_GET as $ix => $val)
{
$_GET[$ix] = htmlentities($val);
}
[/code]
×

Success!

Help @dominator69 spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.1,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,
)...