phpBugTracker 1.0.5 Cross Site Scripting

`  
phpBugTracker 1.0.5 Multiple Reflected XSS Vulnerabilities  
  
  
Vendor: Benjamin Curtis  
Product web page: http://phpbt.sourceforge.net/  
Affected version: 1.0.5  
  
Summary: phpBugTracker is a web-based bug tracker with functionality  
similar to other issue tracking systems, such as Bugzilla. Design  
focuses on separating the presentation, application, and database  
layers. phpBugTracker is lightweight and easy to install, operate  
and administer. Most text can be customized for your application.  
  
Desc: phpBugTracker suffers from multiple cross-site scripting vulns.  
The issue is triggered when input passed via the 'form' parameter to  
the 'query.php' script is not properly sanitized before being returned  
to the user. This can be exploited to execute arbitrary HTML and script  
code in a user's browser session in context of an affected site.  
'query.php' and 'newaccount.php' are also vulnerable because they fail  
to perform filtering when using the REQUEST_URI variable.  
  
Tested on: Microsoft Windows XP Professional SP3 (EN)  
Apache 2.2.14 (Win32)  
PHP 5.3.1  
MySQL 5.1.41  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
liquidworm gmail com  
  
  
Advisory ID: ZSL-2011-4996  
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4996.php  
  
  
07.02.2011  
  
  
-----  
  
http://127.0.0.1/query.php?op=doquery&form=1>'><script>alert(1)</script>  
http://127.0.0.1/query.php/>'><script>alert(1)</script>  
http://127.0.0.1/newaccount.php/>"><script>alert(1)</script>  
`