Nwom Topsites version 3.0 is susceptible to SQL injection and cross site scripting vulnerabilities.
4dc593c12d4752d61e1bead78463e73a7305774f90e1d75e71f59b2f82f11aaa
Nwom topsites v3.0
http://www.nwom.net
Vulnerable files:
Comment input.
index.php
SQL info released on error:
http://www.example.com/index.php?o='
XSS:
http://www.example.com/index.php?o=<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>
- Luny