Wikipwndia.

Publicated on : 1185581900
From day one I hate that name: Wikipedia. It's a meta language demon that is haunting me in my dreams, they abuse URI's and have those horrible names for everything. Moreover they suck at being cool and they've become one big pulp archive listing every dumb thing known to man. I wrote about it before, they think it's okay to have XSS and SQL injection, I won't throw it up again but it's quite true. So if they don't care, I have few next. Let's see how quickly those are going to be patched ^^ Am I evil? No I'm not, I only wanna have some fun is that a crime?

Why it's bad to echo back the PHPSESSID:
http://www.0x000000.com/hacks/wikipedia/session_modification.jpg

Look mom! html injection:
http://www.0x000000.com/hacks/wikipedia/injection.jpg