Advertisement






COVID19 Testing Management System 1.0 (COVID19 TMS v1.0) - Stored Cross-Site-Scripting (XSS)

CVE Category Price Severity
CVE-2020-16894 CWE-79 $5000 High
Author Risk Exploitation Type Date
Unknown High Remote 2021-06-14
CPE
cpe:cpe:/a:covid19_testing_management_system:covid19_tms:1.0
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021060082

Below is a copy:

COVID19 Testing Management System 1.0 (COVID19 TMS v1.0) - Stored Cross-Site-Scripting (XSS)
# Exploit Title: COVID19 Testing Management System 1.0 - Stored Cross-Site-Scripting (XSS)
# Date: 11 June 2021
# Exploit Author: BHAVESH KAUL
# Author Linkedin: https://www.linkedin.com/in/bhavesh-kaul-cs/
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/
# Version: 1.0
# Tested on: Server: XAMPP

# Description #

COVID19 Testing Management System 1.0 is vulnerable to stored cross site scripting because of insufficient user supplied data sanitization. Anyone can submit a stored XSS payload without login when registering as a new user. This makes the application store our payload in the database and it is fired everything the dashboard is viewed.

# Proof of Concept (PoC) : Exploit #

1) Goto: http://localhost/covid-tms/new-user-testing.php
2) Enter the following payload in 'State' parameter: <script>alert(1)</script>
3) Fill out other information and submit query
4) Now goto: http://localhost/covid-tms/live-test-updates.php
5) Stored XSS payload is fired

# Image PoC : Reference Image #

1) Vulnerable Parameter: https://ibb.co/1vyNM2w
2) Payload Fired: https://ibb.co/CsfPnXK

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum