Jump to content

Hostel Management System 2.1 - Cross Site Scripting (XSS)

This CHT

By This CHT,
in CHT Vulnerability database

Recommended Posts

This CHT Grand Master

This CHT

Posted
  • Group:  The leader of the
  • Content Count:  4,798
  • Achievement Points:  31,702
  • With Us For:  244 Days
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows
Posted 
# Exploit Title: Hostel Management System 2.1 - Cross Site Scripting (XSS)
# Date: 26/12/2021
# Exploit Author: Chinmay Vishwas Divekar
# Vendor Homepage: https://phpgurukul.com/hostel-management-system/
# Software Link: https://phpgurukul.com/hostel-management-system/
# Version: V 2.1
# Tested on: PopOS_20.10

*Steps to reproduce*

1) Open book-hostel page using following url https://localhost/hostel/book-hostel.php
2) Enter xss payload  <img src=x onerror=alert(String.fromCharCode(88,83,83));> on various input fields.
3) Server Accepted our Payload in input fileds.

Affected input fields: Correspondence Address, Guardian Relation, Permanent Address
Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...