Originally Posted by Wildhoney
You've not filtered the inputs on your website and so I was able to easily inject Javascript in there without too much effort at all. Try adding strip_tags like so:
PHP Code:
$myVar = strip_tags($_POST['myVar']);
|
Haha Wildhoney; once they have sorted that out post it up!
"WildHoney Owned YOU!"