bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49393.txt
Offensive Security 62b3c868cf DB: 2021-01-08 
7 changes to exploits/shellcodes

iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)
ECSIMAGING PACS 6.21.5 - Remote code execution
Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution
Cockpit CMS 0.6.1 - Remote Code Execution
Curfew e-Pass Management System 1.0 - Stored XSS
ECSIMAGING PACS 6.21.5 - SQL injection
CRUD Operation 1.0 - Multiple Stored XSS
2021-01-08 05:01:59 +00:00

9 lines
No EOL
490 B
Text
Raw Blame History

# Exploit Title: CRUD Operation 1.0 - Multiple Stored XSS
# Date: 4/1/2021
# Exploit Author: Arnav Tripathy
# Vendor Homepage: https://egavilanmedia.com
# Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/
# Version: 1.0
# Tested on: linux / Lamp
Click on add new record. Simply put <script>alert(1)</script> and so on in all parameters. Pop up should come up moment you add the record. If not , simply refresh the page, it should come up.
Reference in a new issue View git blame Copy permalink