Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2018-6655 | CWE-79 | Not specified | Not specified |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | Not specified | Not specified | 2018-02-08 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 0.02192 | 0.50148 |
###################################################################################### # Exploit Title: PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS. # Date: 06.02.2018 # Exploit Author: Prasenjit Kanti Paul # Web: http://hack2rule.wordpress.com/ # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/doctor-search-script/ # Category: Web Application # Version: 1.0.2 # Tested on: Linux Mint # CVE: CVE-2018-6655 ####################################################################################### *Proof of Concept* 1. Login as a user 2. Goto "Edit Profile" 3. Edit any field with "<script>alert("PKP")</script>" 4. Save Profile 5. You will be having a popup "PKP"
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.