Advertisement






Multi Branch School Management System 3.5 Cross Site Scripting

CVE Category Price Severity
CVE-2021-44523 CWE-79 $500 High
Author Risk Exploitation Type Date
John Doe High Remote 2020-12-26
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 0 0

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020120175

Below is a copy:

Multi Branch School Management System 3.5 Cross Site Scripting
# Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-21
# Google Dork: N/A
# Vendor Homepage: https://www.ramomcoder.com/
# Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324
# Affected Version: 3.5
# Category: Web Application
# Tested on: Kali Linux

Step 1. Login as Super Admin.

Step 2. Select "Branch" from menu and after that click on "Create Branch".

Step 3. Insert payload - "><img src onerror=alert(1)> in "Branch Name" ,
"School Name" , "Mobile No." , "Currency" , "Symbol" , "City" and "State".

Step 4. Now  Click on "Save" and  you will get a list of alert boxes.

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum