Extending your knowledge with the decline
Hola Puntas! Just wanted to tell everyone about my new site, http://ww.thedecline.info, it's purpose is to continue the idea that all information should be free and also freely available. So it's going to be just full of articles on various subjects (not just hacking, it's not another hacking site). It's still under the works a bit, but it's still workable and usable. Right now I'm just trying to get a lot more users and articles. So if you want to help out, register, post articles, and try to get the forums a little bit active. Also, the sites got a pretty layout right now because I still need to get a decent layout finished, (well, actually, not me, a friend, but who gives a fuck, bahaha). But yea, hope everyone who checks it out enjoys it!
Ahem cough. please fix XSS Also create a logout button and don't have the cookies simply md5 the password, use sessions instead. If you need to keep some form of the password in the cookies (as a remember me feature for instance) then at least encrypt it using blowfish or whatever.
Edit: Another XSS: http://www.thedecline.info/viewarticles.php?subj=2'%3CEMBED%20src=ha.ckers.org/xss.swf%20AllowScriptAccess=always%20a='1&id=41asd
Edit: you allow HTML tags in the username Sure you limit the length but XSS fragmentation could be done on the members page to build up an XSS attack