Edit Report

Our sensors found this exploit at:

Below is a copy:

EgavilanMedia PHPCRUD 1.0 Full Name Stored Cross Site Scripting
# Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting
# Exploit Author: Mahendra Purbia
# Vendor Homepage:
# Software Link:
# Version: 1.0
# Tested on: Windows 10

Vulnerable Parameters: Full Name
Steps for reproduce:
 1. go to http://localhost/PHPCRUD/
 2. now click on "add new record" and fill the details (in first name name use :"><svg onload=alert(1)// )
 3. Now reload the page and you will see that our XSS payload executed . Its an Stored XSS.

Copyright ©2022 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.