Komplette Web Community ~ XSS Vuln.

[endLesS]

< ------------------- header data start ------------------- >

# Exploit Title: Komplette Web News-Community XSS Vuln.
# Author: Lynch ~ Bug Researchers
# Date: 18.09.2011
# Demo: http://www.media-products-demoserver1.de/ph274/index.php // Search Box XSS Attack
# Software Link: http://www.media-products.de/komplette-web-news-community-adsense-p-478.html
# Fixed: Zararlı Karakterler Filitrelenmelidir.

< -- bug code start -- >

http://victim/index.php // Search Box XSS Attack

< -- bug code end of -- >

< ------------------- header data end of ------------------- >