Xeroneit Library Management System 3.1 – “Add Book Category ” Stored XSS

• Exploit Database
• 120 阅读

• 作者： Kislay Kumar
  日期： 2020-12-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/49292/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  # Exploit Title:Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS # Exploit Author: Kislay Kumar # Date: 2020-12-18 # Vendor Homepage: https://xeroneit.net/ # Software Link: https://xeroneit.net/portfolio/library-management-system-lms # Affected Version: Version 3.1 # Tested on: Kali Linux   Step 1. Login to the application as Admin.   Step 2. Select "Book" from menu and click on "Book Category" . Now , click on "Add" Button.   Step 3. Insert payload - "><img src onerror=alert(1)> ,in "Category Name" and Save it.   Step 4. Now you will see an alert box .