-
-
Notifications
You must be signed in to change notification settings - Fork 331
Possible error messages
Rename .env.example to .env and fill in your database information.
PHP was unable to read your config file. Maybe you made a typo somewhere?
Please read instructions on how to install ezXSS correctly on Installation.
Please update your PHP to 7.1 or up.
ezXSS is designed to live on a website with an certificate. It is also not possible to execute payloads on websites with https if your ezXSS does not have a certificate.
If you still want to use ezXSS, for example on localhost to test, you can set the httpmode to true inside your config file .env
If you have screenshots enabled, you need to have the right permissions on the img directory to allow creating images. You can fix this by running chown 777 on your /assets/img/ folder. For example on Apache you would:
chmod 777 /var/www/html/assets/imgYou can also change your screenshot settings to store in the database instead of on the server. Change these settings on the /manage/settings page.
When email notifications are not working, make sure your mail service is setup correctly on your server. ezXSS uses the default php mail to send mails.
When Telegram / Slack / Discord notifications aren't working, there might be something wrong with curl. ezXSS uses curl to send the notification details to the webhooks. Make sure curl is installed on your server.
To install curl with apt:
apt-get install curl php-curlThis error can happen in MySQL. Changing to MariaDB might fix this as well. ezXSS will still work but not all indexes got added to the database. Indexes make sure all database queries run fast. You can try to fix this by hand by running the indexes queries by hand. This will tell you which column might be too big.
When your payload works fine on https:// sites, but not on http:// sites, this might have todo with your payload automatically redirecting http:// to https://. This can result in an 301 redirect header which is not always followed, and the payload is therefore not loaded.
If you want ezXSS to work on all sites, make sure you do not redirect http:// requests to https:// by default. Your payload should load without a redirect on http://example.com
You are missing the mysql/pdo driver that ezXSS uses to connect to your database. Install the proper php mysql driver. (for example sudo apt-get install php8.0-mysql)