bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/48905.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1 KiB
Text
Raw Permalink Blame History

# Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via
Guardian Name, Guardian Relation, Guardian Contact no, Address, City
# Google Dork: N/A
# Date: 2020-10-08
# Exploit Author: Kokn3t
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/hostel-management-system
# Version: V 2.1
# Tested on: Windows 10, Kali 2020.1
# CVE : CVE-2020-25270
######## Attack Vector ########
Install Hostel Management System V 2.1
1) User Module
Login as user and go to "Book Hostel"
(http:/localhost/hostel/book-hostel.php) and start booking.
Add malicious script in these fields - "<script>alert('XSS');</script>"
i. Guardian Name
ii. Guardian Relation
iii.Guardian Contact no
iv. Address
vi. City
After that will get a prompt "Student Successfully register" and after
pressing "See All", XSS will be triggered.
2) Admin Module
Login in as Admin and go to "Management Students", and "View Full details"
of booked student's record, XSS will be triggered also.
Reference in a new issue View git blame Copy permalink