Library Management System 3.0 Cross Site Scripting

Library Management System version 3.0 suffers from a persistent cross site scripting vulnerability.

MD5 | 158c116d00eec69c6ba9ab829568f511

# Exploit Title:  Library Management System 3.0 - "Add Category" Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-22
# Google Dork: N/A
# Vendor Homepage:
# Software Link:
# Affected Version: 3.0
# Patched Version: Unpatched
# Category: Web Application
# Tested on: Kali Linux

Step 1. Login as Admin.

Step 2. Select "Book" from menu and select "Categories" from sub menu and
after that click on "Add Category".

Step 3. Insert payload - "><img src onerror=alert(1)> in "Category Name"

Step 4. Now Click on "Save" , Go to "Category" and See last , there you
will get alert box.

Related Posts