Xeroneit Library Management System 3.1 – “Add Book Category ” Stored XSS

Exploit Database
13 阅读

作者： Kislay Kumar

日期： 2020-12-18
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/49292/

# Exploit Title:Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-18
# Vendor Homepage: https://xeroneit.net/
# Software Link: https://xeroneit.net/portfolio/library-management-system-lms
# Affected Version: Version 3.1
# Tested on: Kali Linux

Step 1. Login to the application as Admin.

Step 2. Select "Book" from menu and click on "Book Category" . Now , click
on "Add" Button.

Step 3. Insert payload - "><img src onerror=alert(1)> ,in "Category Name"
and Save it.

Step 4. Now you will see an alert box .

last Exploits
Xeroneit Library Management System 3.1 – “Add Book Category ” Stored XSS的更多信息

StivaSoft Stiva SHOPPING CART 1.0 – ‘demo.php’ Cross-Site Scripting：
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 – Multiple Vulnerabilities：
Covenant v0.5 – Remote Code Execution (RCE)：
Apartment Visitors Management System 1.0 – Authentication Bypass：
i-netsolution Job Search Engine – SQL Injection：
pfSense 2.4.4-p1 – Cross-Site Scripting：
Joomla! Component KissGallery 1.0.0 – SQL Injection：
SuiteCRM 7.10.7 – ‘parentTab’ SQL Injection：