exploit-db-mirror/exploits/php/remote/52272.txt
Exploit-DB 6cef641858 DB: 2025-04-23
2025-04-23 00:16:28 +00:00

# Exploit Title: code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
# Google Dork: inurl:/exam/feedback.php
# Date: 2025-04-19
# Exploit Author: Pruthu Raut
# Vendor Homepage: https://code-projects.org/
# Software Link: https://code-projects.org/online-exam-system-in-php-with-source-code/
# Version: 1.0
# Tested on: XAMPP on Windows 10 / Kali Linux (Apache + PHP 7.x)
# CVE : CVE-2025-28121
# Description:
# code-projects Online Exam Mastering System 1.0 is vulnerable to reflected XSS in feedback.php via the "q" parameter.
# The application reflects the parameter into the HTML response without encoding it, allowing an attacker to inject arbitrary JavaScript.
# Vulnerable URL:
# http://localhost/exam/feedback.php?q=Thank%20you%20for%20your%20valuable%20feedback
# PoC (Proof of Concept):
# Payload:
http://localhost/exam/feedback.php?q=<script>alert('XSS')</script>
# Steps to Reproduce:
# 1. Host the application locally using XAMPP or a similar stack.
# 2. Open the vulnerable URL with the payload in a browser.
# 3. The JavaScript alert will be executed, demonstrating reflected XSS.
# Impact:
# - Account takeover via stolen cookies if a privileged user clicks the malicious link.
# - Full control of the victim's session context if exploited properly.
# - Can be chained with social engineering to target administrators.
# Mitigation:
# - Encode the value with `htmlspecialchars()` (or another context-appropriate encoder) at the point where it is written into the HTML.
# - Implement Content Security Policy (CSP) headers.
# - Avoid reflecting unsanitized GET parameters into the HTML response.
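A hardened handler in the spirit of the mitigation list above, added here as an example; it is not the project's own feedback.php (whose source is not on this page) and assumes the vulnerable pattern is a direct echo of `$_GET['q']`. The message table and the `msg` parameter are assumptions introduced to show the stronger fix of not reflecting free text at all.

```php
<?php
// Added example, not code from the Online Exam Mastering System.
// Assumed vulnerable pattern in the original feedback.php:
//   echo $_GET['q'];

// HTML-body encoder: ENT_QUOTES also encodes ' and ", ENT_SUBSTITUTE
// replaces invalid UTF-8 instead of returning an empty string.
function html_encode(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Preferred fix: stop reflecting free text. The client sends a short code
// (assumed parameter "msg") and the server picks a fixed message.
const FEEDBACK_MESSAGES = [
    'thanks' => 'Thank you for your valuable feedback',
    'error'  => 'Something went wrong, please try again',
];

function feedback_message(array $query): string {
    $code = $query['msg'] ?? 'thanks';
    // Unknown codes fall back to the default; nothing attacker-controlled is echoed.
    return FEEDBACK_MESSAGES[$code] ?? FEEDBACK_MESSAGES['thanks'];
}

// Defence in depth: a CSP that forbids inline script, so a missed encoding
// point elsewhere cannot execute an injected <script> element.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
header('X-Content-Type-Options: nosniff');

// Legacy compatibility: if ?q= must still be accepted, encode it at output time.
// "<script>alert('XSS')</script>" is rendered as text, not executed.
$legacy = html_encode($_GET['q'] ?? '');
?>
<!DOCTYPE html>
<html lang="en">
<head><meta charset="utf-8"><title>Feedback</title></head>
<body>
  <p><?= html_encode(feedback_message($_GET)) ?></p>
  <p><?= $legacy ?></p>
</body>
</html>
```

Serve the file under a PHP-capable web server and request it with the advisory's payload in `q` to confirm the browser shows the tags as literal text and the console reports no CSP violation from inline script.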