Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

3 Neutral

About metho

  • Rank


  • Gender
    Not Telling


  • Kingdom


  • HTML

Recent Profile Visitors

250 profile views
  1. What tools would you use to control the influence of a big server or would you do it manually to distribute the players everywhere on the map?
  2. Hi, Here is a small example of a code injection on the top list: metin2pserver.info. If you want to test it yourself: I hosted the following script here ( https://pastebin.com/raw/28VjB803 ): /** * Rate. * * @param {string} serverId * @param {string} name * @param {string} email * @param {number} rating * @option 1 - Insufficient * @option 2 - Inadequate * @option 3 - Sufficient * @option 4 - Satisfying * @option 5 - Good * @option 6 - Very good * @param {string} comment * @param {number} picture * @option 1 - Warrior (m) * @option 2 - W
  3. @FlasH Strange, i downloaded the lastest version, encountered the issue, fixed it, posted it on another forum and get in contact with him personally. My guess would be, he implemented it as a sort of feature and now reverted it back to its original state. Maybe he will answer too here @Ionuț
  4. Hello everybody, Since someone asked me about injections in Metin2CMS (targeted CMS: https://metin2cms.cf/), I quickly looked at the code of the CMS mentioned. I also noticed a critical exploit that enables code injections. The file include\functions\sendEmail.php contains the following code: $site_name = $_SERVER['SERVER_NAME']; if ($site_name == 'localhost' || $site_name == '') $site_name = 'metin2cms.cf'; As of Apache 2, $_SERVER['SERVER_NAME'] can be transmitted from the client to the server via the http header Host (like for $_SERVER['



Chatroom Rules


Join our Discord

A request for help = Shoutbox Ban

Be respectful & Respect the rules


  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.