Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang)

package main /* ** * Exploit Title: Joomla 1.5.x to 3.4.5 Object Injection Exploit * Exploit Author: Khashayar Fereidani ( http://fereidani.com ) * Version: 1.5.x to 3.4.5 * CVE : CVE-2015-8562

RecordPress Multiple Vulnerabilities

/ Discovered by : Khashayar Fereidanis Team Website : http://IRCRASH.COM Team Members : Khashayar Fereidani - Sina YazdanMehr - Arash Allebrahim English Forums : Http://IRCRASH.COM/forums/ Email : irancrash [ a t ] gmail [ d o t ] com

Linksys Cisco Wag120N CSRF Vulnerability

: http://linksysbycisco.com Discovered by : Khashayar Fereidani Team Website : Http://IRCRASH.COM Team Members : Khashayar Fereidani - Sina YazdanMehr - Arash Allebrahim English Forums : Http://IRCRASH.COM/forums/ Email : irancrash

SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani

|| Script : SMF (Simple Machine Forum) 1.1.11 || Vulnerability Type : Active XSS ( Active Cross Site Scripting ) || Risk : Low || Discovered By Khashayar Fereidani || http://ircrash.com http://bugtraq.ircrash.com || Note : For use this vulnerability you need access to censor words panel .

COMRaider Idefense Labs CreateFolder() and Copy() Insecure Method (Hard Disk Filler Exploit)

#!/usr/bin/perl ### # COMRaider Idefense Labs CreateFolder() and Copy() Insecure Method (Hard Disk Filler Exploit) # # Discovered and Exploited by : Khashayar Fereidani # Http://IRCRASH.com Http://Fereidani.ir #

PHP-Fusion Mod vArcade 1.8 Sql Injection Vulnerability

/ Discovered by : Khashayar Fereidani My Official Website : HTTP://FEREIDANI.IR Our Team Website : Http://IRCRASH.COM Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com Sql Injection Vulnerability

Re: Re: Cpanel 11.x Local File Inclusion Cross Site Scripting - Discovered By Khashayar Fereidani

Hi , Attacker can bypass disable_functions mod_security safe_mode ... with this vulnerability . I think this is good reason ! http://fereidani.ir - Khashayar Fereidani

Cpanel 11.x Local File Inclusion Cross Site Scripting - Discovered By Khashayar Fereidani

Website : HTTP://FEREIDANI.IR Team Website : Http://IRCRASH.COM Team Members : Khashayar Fereidani - Hadi Kiamarsi - Sina YazdanMehr Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com Local File Inclusion

Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure)

inurl:show.php?imageid= # # # #Discovered by : Khashayar Fereidani a.k.a. Dr.Crash # #My Official Website : HTTP://FEREIDANI.IR # #Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com

PhsBlog v0.2 Bypass Sql injection Filtering Exploit

a.k.a. Dr.Crash # #My Official Website : HTTP://FEREIDANI.IR # #Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com # # # #Khashayar Fereidani Official Website : HTTP://FEREIDANI.IR

Nooms 1.1

://surfnet.dl.sourceforge.net/sourceforge/nooms/nooms_1.1.zip Discovered by : Khashayar Fereidani Or Dr.Crash My Website : HTTP://FEREIDANI.IR Team Website : Http://IRCRASH.COM Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani

://surfnet.dl.sourceforge.net/sourceforge/mambo/MamboV4.6.2.zip Discovered by : Khashayar Fereidani My Website : HTTP://FEREIDANI.IR Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

FlexCMS = 2.5 Cross Site Scripting Vulnerability

/ Discovered by : Khashayar Fereidani Or Dr.Crash My Website : HTTP://FEREIDANI.IR Team Website : Http://IRCRASH.COM Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com Cross Site Scripting

Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities

.tar.gz Discovered by : Khashayar Fereidani Or Dr.Crash My Website : HTTP://FEREIDANI.IR Our Team Website : HTTP://IRCRASH.COM Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities

/xampp-linux-1.6.7.tar.gz Discovered by : Khashayar Fereidani Or Dr.Crash My Website : HTTP://FEREIDANI.IR Team Website : Http://IRCRASH.COM Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

MJGuest 6.8 GT Cross Site Scripting Vulnerability

Website : HTTP://FEREIDANI.IR Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR Script

DEV WMS Multiple Vulnerabilities

Fereidani Or Dr.Crash My Website : HTTP://FEREIDANI.IR Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com Script Download : http://dev-wms.sourceforge.net

Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani

://FEREIDANI.IR Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR Script Download : http

EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )

# # # #Discovered by : Khashayar Fereidani a.k.a. Dr.Crash # #My Official Website : HTTP://FEREIDANI.IR # #Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com # # # #Khashayar Fereidani Offical Website : HTTP

Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani

# # # #Discovered by : Khashayar Fereidani a.k.a. Dr.Crash # #My Offical Website : HTTP://FEREIDANI.IR # #Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com # # # #Khashayar Fereidani Offical Website : HTTP

Maran PHP Blog Xss By Khashayar Fereidani

://FEREIDANI.IR Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR Script Download : http

Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )

# # # #Discovered by : Khashayar Fereidani a.k.a. Dr.Crash # #My Offical Website : HTTP://FEREIDANI.IR # #Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com # # # #Khashayar Fereidani Offical Website : HTTP

VistaReseller Panel BETA Xss Vulnerability

')/script in Text box and click (Add) Button . # Now Open the Url Again See xss msg ## # Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... ## # Khashayar Fereidani Email : irancrash

Maian Uploader v4.0 XSS Vulnerabilities

... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

LifeType 1.2.8

With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com IRCRASH TEAM - Http://IRCRASH.COM/

Maian Gallery v2.0 XSS Vulnerability

Solution : Edit Source Code And Filter Variable via htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Cart v1.1 XSS Vulnerabilities

Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Search v1.1 Multiple Vulnerabilities (XSS/SQL INJECTION)

Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Guestbook v3.2 XSS Vulnerabilities

: God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Weblog v4.0 XSS Vulnerabilities

: God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION)

Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Support v1.3 Xss Vulnerabilities

Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Recipe v1.2 Xss Vulnerabilities

.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Music v1.1 Multiple Vulnerabilities (Xss/SQL Injection)

Solution : Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

Maian Links v3.1 XSS Vulnerabilities

... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

BlackBook v1.0 Multiple XSS Vulnerabilities

Script : BlackBook v1.0 Type : Multiple XSS Vulnerabilities Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)

Lifetype 1.2.7 XSS Vulnerability

: Edit Source Code And Filter Variable With htmlspecialchar() function ... TNx : God.. Khashayar Fereidani Email : irancrash[at]gmail[dot]com

vlBook 1.21 (ALL VERSION)

Script : vlBook 1.21 (ALL VERSION) Type : Multiple Remote Vulnerabilities (LFI/XSS) Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)

mjguest 6.7 (ALL VERSION) Xss Redirection Vuln

Script : mjguest 6.7 (ALL VERSION) Type : Multiple Remote Vulnerabilities (XSS/REDIRECTION) Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)

php-addressbook v2.0 Multiple Remote Vulnerabilities (LFI/XSS)

/pad/index.php?skin=../[FILENAME]$00 TNx : God.. Khashayar Fereidani Email : irancrash[At]Gmail.com

Minibb 2.2a XSS Vulnerability

# Minibb 2.2a XSS Vulnerability

Datalife Engine 6.7 XSRF

# Datalife Engine 6.7 XSRF Vulnerability By IRCRASH

EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI)

#!/usr/bin/perl # EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI)