bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49854.txt
Offensive Security 599b380301 DB: 2021-05-11 
7 changes to exploits/shellcodes

DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path
BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path
TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path

Exploit Title: Complaints Report Management System 1.0 - 'username' SQL Injection / Remote Code Execution
Complaints Report Management System 1.0 - 'username' SQL Injection / Remote Code Execution

PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection # Date: May 3rd 2021
PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection
PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)
Human Resource Information System  0.1  - 'First Name' Persistent Cross-Site Scripting (Authenticated)
Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)

Linux/x86 - setreuid(0) + execve(_/bin/sh_) Shellcode (29 bytes)
2021-05-11 05:01:57 +00:00

26 lines
No EOL
1.4 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: Human Resource Information System  0.1  - 'First Name'  Persistent Cross-Site Scripting (Authenticated)
# Date: 04-05-2021
# Exploit Author: Reza Afsahi
# Vendor Homepage: https://www.sourcecodester.com
# Software Link: https://www.sourcecodester.com/php/14714/human-resource-information-using-phpmysqliobject-orientedcomplete-free-sourcecode.html
# Software Download: https://www.sourcecodester.com/download-code?nid=14714&title=Human+Resource+Information+System+Using+PHP+with+Source+Code
# Version: 0.1
# Tested on: PHP 7.4.11 , Linux x64_x86
# --- Description --- #
# The web application allows for an  assisstant to inject persistent Cross-Site-Scripting payload which will be executed in both assistant and Super Admin panel  
# --- Proof of concept --- #
1- Login as Assistant and go to:  http://localhost/code/Admin_Dashboard/Add_employee.php
2- Click on Add Employee button
3- Inject this payload into First Name input : <script>alert('xss')</script>
4- and fill other inputs as you want (Other inputs might be vulnerable as well) then click on Save button.
5- refresh the page and Xss popup will be triggered.
6- Now if Super Admin visit this page in his/her Dashboard : http://localhost/code/Superadmin_Dashboard/Add_employee.php
7- Our Xss payload will be executed on Super Admin Browser
** Attacker can use this vulnerability to take over Super Admin account **
Reference in a new issue View git blame Copy permalink