Laundry Booking Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)

• Exploit Database
• 19 阅读

• 作者： Azumah Foresight Xorlali
  日期： 2021-08-20
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50220/

• # Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
  # Date: 2021-08-19
  # Exploit Author: Azumah Foresight Xorlali
  # Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html
  # Software Link: https://www.sourcecodester.com/download-code?nid=14400&title=Laundry+Booking+Management+System+in+PHP+with+Free+Source+Code
  # Version: Version 1.0
  # Category: Web Application
  # Tested on: Kali Linux
  
  Step1: Log in to the application with any valid user credentials.
  Step2: Select User Management and click add new user.
  Step3: Fill the required details and type "<script>alert(document.domain)</script>" in the address boxor you can it on a notepad and paste it into the firstname and lastname since it doesn't you to type special characters into those fields
  Step 4:Click onSubmit