扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS # Exploit Author: Kislay Kumar # Date: 2020-12-21 # Google Dork: N/A # Vendor Homepage: https://www.ramomcoder.com/ # Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324 # Affected Version: 3.5 # Category: Web Application # Tested on: Kali Linux Step 1. Login as Super Admin. Step 2. Select "Branch" from menu and after that click on "Create Branch". Step 3. Insert payload - "><img src onerror=alert(1)> in "Branch Name" , "School Name" , "Mobile No." , "Currency" , "Symbol" , "City" and "State". Step 4. NowClick on "Save" andyou will get a list of alert boxes. |
体验盒子
