AstroCMS (Comet Emulator)

uLaxus

New Member
Aug 30, 2020
1
2
>
Hello, today I bring you a CMS from old projects - AstroCMS. The CMS is completely unique, both in its design and in its system, it contains (index, registration, me, profile, account settings, store, staff, hall, among other things). This CMS was made for COMET EMULATOR, but it is easily modifiable for the emulator you want to use.

This CMS is compatible with:
  • PHP 5.5.x
  • MySQL 5.0+
  • IIS
  • XAMPP 5.5.30 up to 5.6.x
  • Comet Emulator
Security:
This CMS is completely secure because it contains no flaws like XSS or SQL.
All entries are filtered before sending the data to the database.
Created entirely using the PHP PDO function.

Thanks
First of all I want to thank the developers who participated in its creation and in all the projects, Me, Dut and Wake, because all the projects were developed by us 3.

Created by:
Laxus,
Wake,
Dut.

You are free to edit, but do not remove the credits of the creators of it, as it involves many hours of work.

Images:
Download:
 
Last edited by a moderator:

Higoka

Active Member
Dec 16, 2018
174
74
"This CMS is completely safe because it contains no flaws like XSS or SQL."

Its not safe. you are using md5 for password encryption. md5 can easily be cracked. use bcrypt or even better use argon.
also dont store user passwords in sessions. also xss is possible in your cms. you need to escaped every data before printing to html

you might also want to check out psr standards because your code is a mess.
 
Last edited:

DDDDec

Tongue Boxing Champion 2023
May 30, 2017
402
248
just use the default password hashing method which of php 5.5.0 i think is bcrypt, literally takes like 5 mins to read it on php.net.

other than that i think the design is something new and i like it quite alot, great job bb.
 

xCristianSx

New Member
Mar 12, 2017
29
1
@calensi I tried with php 5.6.40, but it still shows me the syntax errors

Can you recommend a version of xampp with the php version suitable for this cms?
You must be registered for see images attach
 

Raizer

Active Member
Feb 21, 2019
144
76
This is the baddest thing i'd ever seen

In the github repo they announce

This CMS is completely safe because it contains no flaws like XSS or SQL.​

All inputs is tottaly filtred before sending the data to the database.​

Created entirely using the PHP PDO function.​


But whn you look in their code you see in the repository some vulnerabilitys, for example:

You must be registered for see images attach


They don't escape anything and that makes it possible to do xss injections and stuff
 
Last edited:

Raizer

Active Member
Feb 21, 2019
144
76
Read my post above please. I don't recommend using this unless you want to get hacked quickly lmao
Post automatically merged:

"This CMS is completely safe because it contains no flaws like XSS or SQL."

Its not safe. you are using md5 for password encryption. md5 can easily be cracked. use bcrypt or even better use argon.
also dont store user passwords in sessions. also xss is possible in your cms. you need to escaped every data before printing to html

you might also want to check out psr standards because your code is a mess.
Agree with you
 

xCristianSx

New Member
Mar 12, 2017
29
1
I tried to remove and include new php code, but literally all the cms is wrong and I am a beginner in PHP. Thanks @Raizer
I will use Cosmic, it is triple the better, I recommend it.
 

Users who are viewing this thread

Top