# Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS# Exploit Author: Jitendra Kumar Tripathi# Vendor Homepage: https://www.sourcecodester.com/# Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html# Version: 1# Tested on Windows 10 + Xampp 8.0.3
XSS IMPACT:1: Steal the cookie
2: User redirection to a malicious website
Vulnerable Parameters: Customer Details
*Steps to reproduce:*
Add Budget Title
Payload :<script>alert(1)</script>
Reload the http://localhost/Budget%20Management%20System/index.php or update the budget , the xss will get triggered.
