milliscripts.com

[Guest]

for you installed mylounge 1.4

pls note a security risk if you failed to sanitize user input on register.php
if user inputing a quote (') on email form.
eg. hgshgh'jhghg@jkhjhs.com

output : Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/lyp/public_html/myred/register.php on line 284

im only check lyp.nl

[Guest]

...

this char is not allowed, so thats not a security risk ...