~= XSS Worm Test =~

*Overview*

Vulnerable application based on the Diminutive XSS Worm Contest.
See [1] for more information.

*Install*

*** This application has intentional security holes! ***
*** Do not install on publicly accessible web sites. ***

Installation:
- You need MySQL and PHP
- magic_quotes_gpc = Off
- Create a MySQL database
- Add a user for the MySQL database
- As that user, run the 'create.sql' file
- Edit 'db.php' to match your environment.

*Application*

- Use "please login" to log in as an arbitrary user
- Selecting a user name will bring up the content page
- Users can edit their own content and can view others'
- Optional "echo on" functionality will echo back content
- Use "logout" to log out

[1] http://sla.ckers.org/forum/read.php?2,18790,18790