http://thedailywtf.com/Articles/Reverse-Brute-Force.aspx
I agree, the fellow still has not fixed the XSS vulnerability in the original code 🙂
Despite being a n00b when it comes to PHP and MySQL, even I know that the original code is quite ridiculous 😃
