AOH :: HP Unsorted T :: B06-2863.HTM

Tinymuw v1.0 - xss
TinyMuw v1.0 - XSS
TinyMuw v1.0 - XSS

TinyMuw v1.0


Effected files:
quickchat.php input box

Input isn't sanatized before being generated in the quickchat.php chatbox. For PoC try putting:
 in as your comment.

Full path disclosure error via URL Injection:'

Fatal error: Using $this when not in object context in /home/user/public_html/tinyMuw/tinyMuw/video.php on line 18 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to