Employee Record Management System 1.2 – Stored Cross-Site Scripting (XSS)

• Exploit Database
• 104 阅读

• 作者： Subhadip Nag
  日期： 2021-07-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50112/

• # Exploit Title: Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)
  # Date: 07 July 2021
  # Exploit Author: Subhadip Nag (mrl0s3r)
  # Vendor Homepage: https://phpgurukul.com/
  # Software Link: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/
  # Tested on: Server: XAMPP
  
  # Description #
  
  Employee Record Management System 1.2 is vulnerable to stored cross site scripting (xss) in the Edit My Education because of insufficient user supplied data.
  
  
  # Proof of Concept (PoC) : Exploit #
  
  1) Goto: http://localhost/ERMSP/erms/loginerms.php
  2) Login: Login as a User(given username and password)
  3) Go To Edit My Education and Edit My Exp
  4) Enter the payload: <script>alert(1)</script>
  5) Click Update
  6) Go to 'My Education' option
  7) Our XSS attack successful
  
  # PoC image
  1) https://ibb.co/LS78xjX
  2) https://ibb.co/9G0Pbxb
  

  Python

  Copy