Qe 4.1.6 Cross Site Scripting

Exploit Title: Qe 4.1.6 Cross site scripting Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://c97.net Version : 4.1.6 Tested on: Windows Category: webapps Google Dork: Open your eyeZ + Exploit : http:///qe4.1.6/install/install.php URL encoded GET input cmd was set to : "alert/xss/ The...

Chat2 Cross Site Scripting / SQL Injection

Exploit Title: Chat2 Blind SQL Injection Chat2 Cross site scripting Date: 2014 18 March Author: Dr.3v1l Tested on: Windows Category: webapps Google Dork: inurl:"/chatrooms.php" + Exploit SQL: http:///Chat2/jumpin.php URL encoded POST input userid was set to :...

Square 0.3.1 Cross Site Scripting

Exploit Title: Square 0.3.1 XSS Vulnerability Date: 2014 17 March Author: Dr.3v1l Vendor Homepage: http://readmoresystems.com Version : 0.3.1 Tested on: Windows Category: webapps Google Dork: inurl:"/?s=" + Exploit : http:///square.0.3.1/0.3.1/?s=XSS&submit=Submit&cmd=search + Demo : You can find...

Webers CMS XSS / LFI / SQL Injection

Exploit Title: Webers CMS Multiple Vulnerability Date: 2013 5 November Author: Hossein Hezami Dr.3v1l Vendor: http://www.webers.gr Version: All Version Security Risk: High Category: WebApps Google Keywords: intext:"created by Webers" site:gr Tested on: Linux Exploit : XSS / SQL Injection / LFI /...