8 matches found
WordPress KBoard Cross Site Scripting
Exploit Title : WordPress Plugin KBoard - Cross Site Scripting Exploit Author : Persian Hack Team Vendor Homepage : http://www.cosmosfarm.com/products/kboard Category Webapps Tested on Win Version : Before 4.4 Date 2016/09/26 PoC =Cross Site Scripting : Payload : 1" onmouseover=prompt"Persian"...
CMS Elevel 1.0 Cross Site Scripting / SQL Injection
Exploit Title : CMS Elevel 1.0 - SQL Injection / XSS Exploit Author : Persian Hack Team Vendor Homepage : http://www.elevel.it/privacy.php Google Dork : "Web Design by Elevel" inurl:news.php Category: Webapps Tested on: Win Version: 1.0 Date: 2016/06/19 PoC: id Parameter Vulnerable To SQL / XSS...
Joomla Catfiltering 1.5.4 SQL Injection
Exploit Title : Joomla comcatfiltering - SQL Injection Exploit Author : Persian Hack Team Google Dork : inurl:index.php?option=comcatfiltering Category: Webapps Tested on: Win Version: 1.5.4 Date: 2016/06/14 PoC: flt1= Get Parameter Vulnerable To SQL Demo :...
Joomla Maqma Helpdesk 4.2.3 Cross Site Scripting
Exploit Title : Joomla commaqmahelpdesk - XSS Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://extensions.joomla.org/extension/maqma-helpdesk Category: Webapps Tested on: Win Date: 2016/06/09 Version : 4.2.3 PoC: Add Your Tiket sometimes you must login First in Message Te...
ASP Dynamika 2.5 Cross Site Scripting
Exploit Title : ASP Dynamika 2.5 Cross Site Scripting Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.dynamika.co.il/ Google Dork : "Powered By : Dynamika" Date : 2015/12/08 Version : 2.5 Vulnerable Paramter siteid= Bypass '"--alert0xa Demo:...
Property Castle 15 Cross Site Scripting
Exploit Title : Property Castle XSS Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.propertycastle.com/ Google Dork : intext:"Powered By Property Castle " inurl:linkid= OR inurl:"/cms/cms.php?linkid=" Date : 2015/12/06 Version : PC15 Vulnerable Paramter linkid= Bypas...
MyCustomers 1.3.873 SQL Injection
Exploit Title : MyCustomers Cms Sql Injection Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.iran-php.com/ Google Dork : "Powered By IranPHP" & inurl:/index.php?DPT=IP17 & "Powered+by+MyCustomers-1.3.873" Date: 2015/11/28 Version : 1.3 Vulnerable Paramter DPT= Demo:...
POLLSolved 1.5.2 SQL Injection / Authentication Bypass
Exploit Title : POLLSolved Authentication Bypass Exploit Author : Persian Hack Team Vendor Homepage : http://www.usolved.net/ Google Dork : intitle:POLLSolved Date: 2015/11/12 Version : v1.5.2 PoC: To bypass the login page enter '=' 'or' for username and password input. Login And Add Your Poll D:...