Simple Forums
programmeruser (575)

I made a simple forum system with @18001767679, and you can find it at https://forum.phpthings.repl.co/. (don't judge me for using PHP, I just used it to try PHP.) You can login and post topics but there is no password reset.

You are viewing a single comment. View All
Baconman321 (1046)

also, you can do script injection (evil laugh). Might wanna look into that bud. Yep, if I wanted to I could steal your session ID. use htmlspecialchars() to escape in php. also, you can take my forums down (labeled "cool site" and "NO INJECTION AWWWWWWWW"), they both have injections, one is a h1 element, the other is a script alerting that you can inject, just to show you the dangers of xss, both of them are persistent xss, meaning I can steal your session cookies (I won't, promise). PLEASE FIX THIS RIGHT NOW. Also, replying doesn't seem to work if it's your own post?

programmeruser (575)

@Baconman321 fixed. Also you probably couldn't reply since I was removing the topics with XSS in them.

Baconman321 (1046)

@programmeruser Can you send the repl containing the project (you have so many repls I can't find it). I wanna see how it works :)

Baconman321 (1046)

@programmeruser why? I'm not a professional hacker too, so IDK much. Anyways, cool site (needs css tho). +1 from me.