bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/48945.txt
Offensive Security 7ce71393bb DB: 2020-10-27 
9 changes to exploits/shellcodes

CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection
Online Health Care System 1.0 - Multiple Cross Site Scripting (Stored)
InoERP 0.7.2 - Remote Code Execution (Unauthenticated)
PDW File Browser 1.3 - 'new_filename' Cross-Site Scripting (XSS)
Genexis Platinum-4410 - 'SSID' Persistent XSS
ReQuest Serious Play Media Player 3.0 - Directory Traversal File Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution (Unauthenticated)
2020-10-27 05:02:17 +00:00

19 lines
No EOL
827 B
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: Online Health Care System 1.0 - Multiple Cross Site Scripting (Stored)
# Google Dork: N/A
# Date: 2020/10/24
# Exploit Author: Akıner Kısa
# Vendor Homepage: https://www.sourcecodester.com/php/14526/online-health-care-system-php-full-source-code-2020.html
# Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/healthcare_0.zip
# Version: 1.0
# Tested on: XAMPP
# CVE : N/A
Vulnerable Pages:
http://localhost/healthcare/Users/registration.php
http://localhost/healthcare/Doctor/doctor_registration.php
Proof of Concept:
1 - Go to vulnerable pages and fill the "First Name" and "Last Name" blanks with <script>alert(1)</script> payload.
2 - And check user/doctor account on admin panel or http://localhost/healthcare/admin/user_detail.php?id=<userid> adres.
Reference in a new issue View git blame Copy permalink