GulfTech Computers strives to beat the price(s) of any other business around.
Check with us first as it just may save you some time and money. And who doesn't want to
save money? Please contact us with any questions or inquiries.
Latest GulfTech Releases
SubScan v1.2 Scans a domain for DNS records and SubDomains. Very stealthy, and can be used
to find many hosts not on the public netblock. A very interesting tool to say the least.
Works on both Nix and Windows based systems. Get it now!
PHP TopSites is a PHP/MySQL-based customizable TopList script. Main features include:
Easy configuration config file; MySQL database backend; unlimited categories, Site rating
on incoming votes; Special Rating from Webmaster; anti-cheating gateway; Random link; Lost
password function; Webmaster Site-approval; Edit site; ProcessingTime display; Cookies
Anti-Cheating; Site Reviews; Linux Cron Free; Frame Protection and much more.
Script Injection Vulnerability:
An HTML injection vulnerability has been discovered in PHP TopSites. The issue occurs due
to insufficient sanitization of user-supplied data. By injecting HTML code into the <body>
tag of the description page, when submitting website, it may be possible to cause an
administrator to edit or delete database entries. This issue will occur when an unsuspecting
administrator loads the submitted description. This vulnerability also affects the
Cross Site Scripting Vulnerability:
A vulnerability has been discovered in PHP TopSites. Due to invalid sanitization of
user-supplied input by the 'help.php' script, it may be possible for an attacker to steal
another users cookie information or other sensitive data. This issue can be exploited by
constructing a malicious URL containing embedded script code as a 'help.php' parameter.
When an unsuspecting user follows the link sensitive information, such as cookie-based
authentication credentials may be obtained by the attacker.
Plaintext Password Weakness:
A weakness has been discovered in PHP TopSites. It has been reported that user's
passwords are stored in plaintext and thus are visible to TopSites administrators.
This poses a security risk as TopSite script users may use the same passwords on
SQL Injection Vulnerability:
A vulnerability has been discovered in PHP TopSites. Due to insufficient sanitization of
user-supplied URI parameters it is possible for an attacker to embed SQL commands into
certain page requests. This may result in database information being disclose to an attacker.
Upgrade to the current version of php topsites