CRUD Operation Software 1.0 Cross Site Scripting

CRUD Operation Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.


MD5 | 9aaff9e6958d9377d58feec2ecfba283

Download
# Exploit Title: Multiple Stored XSS in CRUD Operation software
# Date: 4/1/2021
# Exploit Author: Arnav Tripathy
# Vendor Homepage: https://egavilanmedia.com
# Software Link:
https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/
# Version: 1.0
# Tested on: linux / Lamp

Click on add new record. Simply put <script>alert(1)</script> and so on in
all parameters. Pop up should come up moment you add the record. If not ,
simply refresh the page, it should come up.


Source: packetstormsecurity.com
Related Posts