1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Identified PHP/SQL leaks with roominfo.php

Discussion in 'Bug Reports' started by Potatofactory, Aug 3, 2016.

  1. Potatofactory

    Potatofactory New Member

    Joined:
    Jul 20, 2016
    Messages:
    5
    Likes Received:
    3
    roominfo.php is a great tool to find that theater is playing what and also to locate the history of a theater. However, It appears to be exploitable by simply entering a non-existing room or using the mecha theater.

    User Agent:
    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36

    Sources
    Evidence
    [​IMG]
    [​IMG]
     
  2. WinterPhoenix

    WinterPhoenix Founder/Lead Developer Staff Member Founder/Lead Developer

    Joined:
    Dec 28, 2015
    Messages:
    668
    Likes Received:
    240