CMS Elevel 1.0 Cross Site Scripting / SQL Injection

Exploit Title : CMS Elevel 1.0 - SQL Injection / XSS Exploit Author : Persian Hack Team Vendor Homepage : http://www.elevel.it/privacy.php Google Dork : "Web Design by Elevel" inurl:news.php Category: Webapps Tested on: Win Version: 1.0 Date: 2016/06/19 PoC: id Parameter Vulnerable To SQL / XSS...

Joomla Catfiltering 1.5.4 SQL Injection

Exploit Title : Joomla comcatfiltering - SQL Injection Exploit Author : Persian Hack Team Google Dork : inurl:index.php?option=comcatfiltering Category: Webapps Tested on: Win Version: 1.5.4 Date: 2016/06/14 PoC: flt1= Get Parameter Vulnerable To SQL Demo :...

Virtual Freer 1.58 Cross Site Scripting

+++++++++++++++++++++++++++++ + + Exploit Title: Virtual Freer Reflected Cross Site Scripting + + Exploit Author: Milad Hacking + + Discovered By: Milad Hacking + + Vendor Homepage : http://freer.ir/virtual/ + + Date: 2016-03-01 + + Tested on: Kali Linux / lceweasel + + Software link :...

WordPress mTheme-Unus Local File Inclusion

Exploit Title: Wordpress themes mTheme-Unus LFI Vulnerability Date: 2015-09-27 Exploit Author: FullSecurity.org Google Dork: ilnurl:/wp-content/themes/mTheme-Unus/ Vendor Homepage: https://wordpress.org/ Tested on : Kali Linux Description : Wordpress Themes mTheme-Unus not filtering data so we ca...

WordPress Popup Images Cross Site Scripting

++++++++++++++++++++++++ + + Exploit Title: Wordpress Plugin Popup Images Cross Site Scripting + + Exploit Author: Milad Hacking + + Date: 2014-06-1 + + Google Dork : inurl:/wp-content/plugins/popup-images + + Vendor Homepage : http://www.Wordpress.org + + Tested on: Windows 7 , Mozilla FireFox +...

WordPress Conversion Ninja Cross Site Scripting Vulnerability

WordPress Conversion Ninja plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data. ++++++++++++++++++++++++ + + Exploit Title: Wordpress Plugin Conversionninja Cross Site Scripting + + Exploit Author: Ashiyane Digital Security Team + + Date:...

WordPress JS External Link Info Cross Site Scripting

Exploit Title : Wordpress Wp Js External link Info Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org Google Dork : inurl:wp-content/plugins/wp-js-external-link-info Date : 2014/4/16 Tested on : Windows 7 , Linux Version : 1.21 Exploit :...

Wordpress Formcraft Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Wordpress formcraft Plugin Sql Injection Exploit Author : Ashiyane Digital Security Team Google Dork : inurl:/wp-content/plugins/formcraft Software Link : www.wordpress.org Tested on: Windows , Linux Date: 2013/12/2 Exploit : S...

WordPress FormCraft Premium SQL Injection

Exploit Title : Wordpress FormCraft - Premium Sql Injection Vulnerability Exploit Author : Ashiyane Digital Security Team Google Dork : inurl:/wp-content/plugins/formcraft Software Link : http://prefiles.com/15c9u57aupu2/codecanyon-formcraft-premium-wordpress-form-builder-5335056.zip Vender Home ...