cd30696d15
15 changes to exploits/shellcodes Queue Management System 4.0.0 - _Add User_ Stored XSS Spotweb 1.4.9 - 'search' SQL Injection Academy-LMS 4.3 - Stored XSS Spiceworks 7.5 - HTTP Header Injection Wordpress Plugin Contact Form 7 5.3.1 - Unrestricted File Upload SCO Openserver 5.0.7 - 'section' Reflected XSS SCO Openserver 5.0.7 - 'outputform' Command Injection Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS Point of Sale System 1.0 - Multiple Stored XSS Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC) Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
15 lines
No EOL
454 B
Text
15 lines
No EOL
454 B
Text
# Exploit Title: Academy-LMS 4.3 - Stored XSS
|
|
# Date: 19/12/2020
|
|
# Vendor page: https://academy-lms.com/
|
|
# Version: 4.3
|
|
# Tested on Win10 and Google Chrome
|
|
# Exploit Author: Vinicius Alves
|
|
|
|
# XSS Payload: "><h1>STORED XSS</h1> (Scripts tag blocked)
|
|
|
|
1) Access LMS and log in to admin panel
|
|
2) Access courses page
|
|
3) Open course manager and SEO menu
|
|
4) Paste the XSS Payload tag and Submit
|
|
5) Access the course page on frontend
|
|
6) Exploited! |