TUCoPS :: HP Unsorted T :: b06-2863.htm

Tinymuw v1.0 - xss
TinyMuw v1.0 - XSS
TinyMuw v1.0 - XSS

TinyMuw v1.0


Effected files:
quickchat.php input box

Input isn't sanatized before being generated in the quickchat.php chatbox. For PoC try putting:
 in as your comment.

Full path disclosure error via URL Injection:


Fatal error: Using $this when not in object context in /home/user/public_html/tinyMuw/tinyMuw/video.php on line 18 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986- AOH