Comments on: Unanonymity 0.3 : PHP script to reveal user data http://www.megapanzer.com/2009/08/10/unanonymity-0-3-php-script-to-reveal-user-data/ Thu, 01 Dec 2011 18:03:30 +0000 hourly 1 http://wordpress.org/?v=3.3 By: carrumba http://www.megapanzer.com/2009/08/10/unanonymity-0-3-php-script-to-reveal-user-data/comment-page-1/#comment-2799 carrumba Thu, 07 Oct 2010 06:51:02 +0000 http://www.megapanzer.com/?p=2576#comment-2799 it's a dead end script. data won't be processed any further and the script doesn't pose a threat. but generally spoken, yes. you are right. it’s a dead end script. data won’t be processed any further and the script doesn’t pose a threat.
but generally spoken, yes. you are right.

]]> By: 1337 hax0r http://www.megapanzer.com/2009/08/10/unanonymity-0-3-php-script-to-reveal-user-data/comment-page-1/#comment-2714 1337 hax0r Wed, 06 Oct 2010 05:13:45 +0000 http://www.megapanzer.com/?p=2576#comment-2714 You fail to escape user input and echo all the servers variables genereted from the clients request. So your demo page and this script is open for various attacks. for example Xss, open redirect, etc. regards You fail to escape user input and echo all the servers variables genereted from the clients request.
So your demo page and this script is open for various attacks. for example Xss, open redirect, etc.

regards

]]>