Advertisement






Class Scheduling System 1.0 Cross Site Scripting

CVE Category Price Severity
CVE-2021-12345 CWE-79 $500 High
Author Risk Exploitation Type Date
Anonymous High Remote 2020-12-29
CPE
cpe:No CPE (Common Platform Enumeration) URI string provided for this exploit
CVSS EPSS EPSSP
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020120182

Below is a copy:

Class Scheduling System 1.0 Cross Site Scripting
# Exploit Title:  Class Scheduling System 1.0 - Multiple Stored XSS
# Exploit Author: Aakash Madaan (Godsky)
# Date: 2020-12-22
# Vendor Homepage: https://www.sourcecodester.com/php/5175/class-scheduling-system.html
# Software Link: https://www.sourcecodester.com/download-code?nid=5175&title=Class+Scheduling+System+using+PHP%2FMySQLi+with+Source+Code
# Affected Version: Version 1
# Category: Web Application
# Tested on: Parrot OS

[+] Step 1. Login to the application with admin credentials

[+] Step 2.1(a). Click on "Department" page.  {Uri :http(s)://<host>/admin/department.php}
    Step 2.1(b). In the "Person Incharge" field, use XSS payload '"><script>alert("Department")</script>' as the name of new course and click on save.
                 [ Note : The XSS can also be triggered if we put the same payload in "Title" field ]
    Step 2.1(c). Click on "Save" when done and this will trigger the Stored XSS payloads. Whenever you click on "Department", your XSS Payloads will be triggered.

[+] Step 2.2(a). Click on "Subject" page.  {Uri :http(s)://<host>/admin/subject.php}
    Step 2.2(b). In the "Subject Code" field, use XSS payload '"><script>alert("Subject")</script>' as the name of new course and click on save.
                 [ Note : The XSS can also be triggered if we put the same payload in "Title" field ]
    Step 2.2(c). Click on "Save" when done and this will trigger the Stored XSS payloads. Whenever you click on "Subject", your XSS Payloads will be triggered.

[+] Step 2.3(a). Click on "Course" page.  {Uri :
http(s)://<host>/admin/course.php}
    Step 2.3(b). In the "Course Year" field, use XSS payload '"><script>alert("Course")</script>' as the name of new course and click on save.
                 [ Note : The XSS can also be triggered if we put the same payload in "Major" field ]
    Step 2.3(c). Click on "Save" when done and this will trigger the Stored XSS payloads. Whenever you click on "Course", your XSS Payloads will be triggered.

[+] Step 2.3(a). Click on "Record" page.  {Uri :http(s)://<host>/admin/record.php}
    Step 2.3(b). In the "Name" field, use XSS payload '"><script>alert("Record")</script>' as the name of new course and click onsave.
                 [ Note : The XSS can also be triggered if we put the same payload in "Academic Rank" or "Designation" field ]
    Step 2.3(c). Click on "Save" when done and this will trigger the Stored XSS payloads. Whenever you click on "Record", your XSS Payloads will be triggered.

[+] Step 3. This should trigger the XSS payload and anytime you click on respective pages, your stored XSS payload will be triggered.


Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum