Dorks List Site 7 - CXSecurity.com

	Topic	Date	Credit
Low	Super Socializer 7.13.52 Reflected XSS Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com	03.07.2023	Amirhossein Bahr...
Med.	ToprakAJans Admin NoRedirect Bypass Dork: intext:"@ToprakAjans"	26.06.2023	BQX
Med.	HiSecOS 04.0.01 Privilege Escalation Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation	22.06.2023	dreizehnutters
Low	WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting Dork: inurl:~/admin/views/admin.php	22.06.2023	Amirhossein Bahr...
Med.	WordPress Theme Medic v1.0.0 Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php	19.06.2023	Amirhossein Bahr...
Low	BlogMagz 1.0 - Stored XSS Dork: Copyright © 2023 BlogMagz All Rights Reserved.	18.06.2023	CraCkEr
Low	Camelon CMS 2.7.4 Stored XSS in Post Title Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system (CMS) based on Ruby on Rails"	15.06.2023	Yasin Gergin
High	WordPress Workreap 2.2.2 Shell Upload Dork: inurl:/wp-content/themes/workreap/	13.06.2023	Mohammad Hossein...
Med.	WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/	10.06.2023	Mohammad Hossein...
Med.	JetSınav SQL Injection + Default Password Vulnerability Dork: allintext:"Powered by Jetsınav"	28.05.2023	BQX
Low	SCM Manager 1.60 Cross Site Scripting Dork: intitle:"SCM Manager" intext:1.60	28.05.2023	neg0x
Low	Siemens SIMATIC S7-1200 Cross Site Request Forgery Dork: inurl:/Portal/Portal.mwsl	21.05.2023	RoseSecurity
Med.	Sophos Web Appliance 4.3.10.4 Pre-auth command injection Dork: title:"Sophos Web Appliance"	25.04.2023	Behnam Abasi Van...
Med.	Bluesoft Infotech - Sql Injection Vulnerability Dork: "Designed by Bluesoft Infotech"	23.04.2023	behrouz mansoori
Low	Instagram Brute Force Attack Using Python Dork: site:instagram.com inurl:login	15.04.2023	E1.Coders
High	Altenergy Power Control Software C1.2.5 OS command injection Dork: intitle:"Altenergy Power Control Software"	14.04.2023	Ahmed Alroky
Med.	Leaders Group - Sql Injection Vulnerability Dork: "By: Leaders Group"	11.04.2023	behrouz mansoori
Med.	Site by Jundweb - Sql Injection Vulnerability Dork: "Site by Jundweb"	11.04.2023	behrouz mansoori
Med.	pfsenseCE 2.6.0 Protection Bypass Dork: intitle:"pfSense - Login"	10.04.2023	FabDotNET
High	Goanywhere Encryption Helper 7.1.1 Remote Code Execution Dork: title:"GoAnywhere"	10.04.2023	Youssef Muhammad

Low

Super Socializer 7.13.52 Reflected XSS

Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com

03.07.2023

Med.

ToprakAJans Admin NoRedirect Bypass

Dork: intext:"@ToprakAjans"

26.06.2023

Med.

HiSecOS 04.0.01 Privilege Escalation

Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation

22.06.2023

Low

WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting

Dork: inurl:~/admin/views/admin.php

22.06.2023

Med.

WordPress Theme Medic v1.0.0 Weak Password Recovery Mechanism for Forgotten Password

Dork: inurl:/wp-includes/class-wp-query.php

19.06.2023

Low

BlogMagz 1.0 - Stored XSS

Dork: Copyright © 2023 BlogMagz All Rights Reserved.

18.06.2023

Low

Camelon CMS 2.7.4 Stored XSS in Post Title

Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system (CMS) based on Ruby on Rails"

15.06.2023

High

WordPress Workreap 2.2.2 Shell Upload

Dork: inurl:/wp-content/themes/workreap/

13.06.2023

Med.

WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution

Dork: inurl:/wp-content/themes/workreap/

10.06.2023

Med.

JetSınav SQL Injection + Default Password Vulnerability

Dork: allintext:"Powered by Jetsınav"

28.05.2023

Low

SCM Manager 1.60 Cross Site Scripting

Dork: intitle:"SCM Manager" intext:1.60

28.05.2023

Low

Siemens SIMATIC S7-1200 Cross Site Request Forgery

Dork: inurl:/Portal/Portal.mwsl

21.05.2023

Med.

Sophos Web Appliance 4.3.10.4 Pre-auth command injection

Dork: title:"Sophos Web Appliance"

25.04.2023

Med.

Bluesoft Infotech - Sql Injection Vulnerability

Dork: "Designed by Bluesoft Infotech"

23.04.2023

Low

Instagram Brute Force Attack Using Python

Dork: site:instagram.com inurl:login

15.04.2023

High

Altenergy Power Control Software C1.2.5 OS command injection

Dork: intitle:"Altenergy Power Control Software"

14.04.2023

Med.

Leaders Group - Sql Injection Vulnerability

Dork: "By: Leaders Group"

11.04.2023

Med.

Site by Jundweb - Sql Injection Vulnerability

Dork: "Site by Jundweb"

11.04.2023

Med.

pfsenseCE 2.6.0 Protection Bypass

Dork: intitle:"pfSense - Login"

10.04.2023

High

Goanywhere Encryption Helper 7.1.1 Remote Code Execution

Dork: title:"GoAnywhere"

10.04.2023