Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
Not specified | CWE-79 (Improper Neutralization of Input During Web Page Generation) | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2023-04-15 |
# Title : Clinic Queuing System - XSS # Author : @Eawhitehat - Eren Arslan # Demo available : https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html # CVE: N/A Used Payload : "><script>(/eawhitehat is here/)</script> Admin account : Username: admin Password: sourcecodester&123 Method : Connect to panel : http://localhost/login.php #Vulnerablity 1. After login with admin account, go to http://localhost/?page=manage_patient (+ Add Record) 2. Add the payload : "><script>(/eawhitehat is here/)</script> in ""Fullname", "Contact" and Save 3. After page reloaded your XSS Loaded Enjoy !
Copyright ©2024 Exploitalert.