Google Dork: This website was created...

This dork targets websites built with phpWebThings version 1.4, a PHP-based CMS from the early 2000s with multiple critical security vulnerabilities. The query matches the default credit text displayed in the site footer. Results reveal active installations of this unmaintained CMS which is vulnerable to SQL injection (CVE-2004-2522), remote code execution, and cross-site scripting attacks.

• Critical Legacy CMS Identification: Find websites running phpWebThings 1.4, which contains severe SQL injection vulnerabilities in its forum module and news module that allow unauthorized database access and potential remote code execution.
• Supply Chain Risk Assessment: During vendor security assessments, identify if any suppliers or partners are running phpWebThings 1.4, indicating extremely poor security hygiene and potential supply chain risk.
• Authorized Security Testing: Locate phpWebThings 1.4 installations within an engagement scope to test known vulnerabilities and demonstrate the real-world risk of running software that's been abandoned for over 15 years.

1. Search Google for "This website was created with phpWebThings 1.4" to find sites displaying the default phpWebThings footer credit.
2. Verify each result is a live phpWebThings installation by checking for characteristic URL structures (/forum.php, /news.php, /links.php) and the default layout.
3. Research the extensive CVE list for phpWebThings 1.4 including SQL injection in multiple modules, XSS in search functionality, and file inclusion vulnerabilities.
4. If within authorized scope, document the vulnerabilities and recommend immediate decommissioning or migration; otherwise report via CERT or the site's abuse contact.

TAGS