WordPress KBoard Cross Site Scripting

Exploit Title : WordPress Plugin KBoard - Cross Site Scripting Exploit Author : Persian Hack Team Vendor Homepage : http://www.cosmosfarm.com/products/kboard Category Webapps Tested on Win Version : Before 4.4 Date 2016/09/26 PoC =Cross Site Scripting : Payload : 1" onmouseover=prompt"Persian"...

CMS Elevel 1.0 Cross Site Scripting / SQL Injection

Exploit Title : CMS Elevel 1.0 - SQL Injection / XSS Exploit Author : Persian Hack Team Vendor Homepage : http://www.elevel.it/privacy.php Google Dork : "Web Design by Elevel" inurl:news.php Category: Webapps Tested on: Win Version: 1.0 Date: 2016/06/19 PoC: id Parameter Vulnerable To SQL / XSS...

Joomla Catfiltering 1.5.4 SQL Injection

Exploit Title : Joomla comcatfiltering - SQL Injection Exploit Author : Persian Hack Team Google Dork : inurl:index.php?option=comcatfiltering Category: Webapps Tested on: Win Version: 1.5.4 Date: 2016/06/14 PoC: flt1= Get Parameter Vulnerable To SQL Demo :...

Joomla Maqma Helpdesk 4.2.3 Cross Site Scripting

Exploit Title : Joomla commaqmahelpdesk - XSS Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://extensions.joomla.org/extension/maqma-helpdesk Category: Webapps Tested on: Win Date: 2016/06/09 Version : 4.2.3 PoC: Add Your Tiket sometimes you must login First in Message Te...