Dorks List - CXSecurity.com

	Topic	Date	Credit
Med.	PennDev – SQL Injection vulnerability Dork: "Site Development: PennDev, LLC" or "PennDev, LLC"	13.07.2020	behrouz mansoori
Low	Golo - City Travel Guide WordPress Theme v1.3.2 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/golo/	13.07.2020	Vlad Vector
Low	CareerUp - Job Board WordPress Theme v2.3.0 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/careerup/	13.07.2020	Vlad Vector
Low	Prolisting - Directory Listing WordPress Theme v1.2 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/prolist/	13.07.2020	Vlad Vector
Med.	HomeSweet - Real Estate WordPress Theme v1.4 - IDOR leading to arbitrary deletion of ads Dork: inurl:/wp-content/themes/homesweet/	13.07.2020	Vlad Vector
Low	Jetapo \| Jobboard WordPress Theme v1.0.0 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/jetapo/	13.07.2020	Vlad Vector
Low	Monalisa \| Hotel & Resort WordPress Theme v2.1.2 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/monalisa/	13.07.2020	Vlad Vector
Low	Kormosala – Job Board WordPress Theme v1.0.22 - Unauthenticated Reflected XSS Dork: inurl:/wp-content/themes/kormosala/	13.07.2020	Vlad Vector
Low	Vista Panel - XSS Vulnerability Dork: intitle:"VP Login"	13.07.2020	clawnet
Med.	CSoftNet – Blind SQL Injection vulnerability Dork: "Web Solution by CSoftNet"	12.07.2020	behrouz mansoori
Med.	ATOM STUDIO – Cross Site Scripting & SQL Injection vulnerability Dork: "Designed by ATOM STUDIO"	12.07.2020	behrouz mansoori
Med.	Antarees Technologies – SQL Injection vulnerability Dork: "Website Developed By : Antarees Technologies"	11.07.2020	behrouz mansoori
Med.	HelloWeb 2.0 Arbitrary File Download Dork: inurl:exec/file/download.asp	11.07.2020	bRpsd
Med.	Geotrent – SQL Injection vulnerability Dork: "Developed & hosted by Geotrent"	09.07.2020	behrouz mansoori
Med.	gsonline – SQL Injection vulnerability Dork: "Powered by: gsonline WebNDesign"	09.07.2020	behrouz mansoori
Med.	Ciber Web Design – SQL Injection vulnerability Dork: "Created By: Ciber Web Design"	07.07.2020	behrouz mansoori
Med.	REPLICA WATCHES – SQL Injection vulnerability Dork: "DESENVOLVIDO POR REPLICA WATCHES"	07.07.2020	Mostafa Farzaneh
Med.	IT InfoTech Solution – SQL Injection vulnerability Dork: "Designed by IT InfoTech Solution"	07.07.2020	behrouz mansoori
Med.	MINMAX – SQL Injection vulnerability Dork: "Designed by MINMAX"	07.07.2020	Mostafa Farzaneh
Med.	Brandbugle – SQL Injection vulnerability Dork: "Powered by: Brandbugle"	05.07.2020	Mostafa Farzaneh

Med.

PennDev – SQL Injection vulnerability

Dork: "Site Development: PennDev, LLC" or "PennDev, LLC"

13.07.2020

Low

Golo - City Travel Guide WordPress Theme v1.3.2 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/golo/

13.07.2020

Low

CareerUp - Job Board WordPress Theme v2.3.0 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/careerup/

13.07.2020

Low

Prolisting - Directory Listing WordPress Theme v1.2 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/prolist/

13.07.2020

Med.

HomeSweet - Real Estate WordPress Theme v1.4 - IDOR leading to arbitrary deletion of ads

Dork: inurl:/wp-content/themes/homesweet/

13.07.2020

Low

Jetapo | Jobboard WordPress Theme v1.0.0 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/jetapo/

13.07.2020

Low

Monalisa | Hotel & Resort WordPress Theme v2.1.2 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/monalisa/

13.07.2020

Low

Kormosala – Job Board WordPress Theme v1.0.22 - Unauthenticated Reflected XSS

Dork: inurl:/wp-content/themes/kormosala/

13.07.2020

Low

Vista Panel - XSS Vulnerability

Dork: intitle:"VP Login"

13.07.2020

Med.

CSoftNet – Blind SQL Injection vulnerability

Dork: "Web Solution by CSoftNet"

12.07.2020

Med.

ATOM STUDIO – Cross Site Scripting & SQL Injection vulnerability

Dork: "Designed by ATOM STUDIO"

12.07.2020

Med.

Antarees Technologies – SQL Injection vulnerability

Dork: "Website Developed By : Antarees Technologies"

11.07.2020

Med.

HelloWeb 2.0 Arbitrary File Download

Dork: inurl:exec/file/download.asp

11.07.2020

Med.

Geotrent – SQL Injection vulnerability

Dork: "Developed & hosted by Geotrent"

09.07.2020

Med.

gsonline – SQL Injection vulnerability

Dork: "Powered by: gsonline WebNDesign"

09.07.2020

Med.

Ciber Web Design – SQL Injection vulnerability

Dork: "Created By: Ciber Web Design"

07.07.2020

Med.

REPLICA WATCHES – SQL Injection vulnerability

Dork: "DESENVOLVIDO POR REPLICA WATCHES"

07.07.2020

Med.

IT InfoTech Solution – SQL Injection vulnerability

Dork: "Designed by IT InfoTech Solution"

07.07.2020

Med.

MINMAX – SQL Injection vulnerability

Dork: "Designed by MINMAX"

07.07.2020

Med.

Brandbugle – SQL Injection vulnerability

Dork: "Powered by: Brandbugle"

05.07.2020