Human Resource Information System 0.1 | Persistent Cross-Site Scripting (Authenticated)

2021.05.17
Risk: Low
Local: Yes
Remote: Yes
CVE: N/A
CWE: N/A

|=========================================================================== | # Exploit Title : Human Resource Information System 0.1 | Persistent Cross-Site Scripting (Authenticated) | | # Author : Ali Seddigh | | # Category : Web Application | | # Vendor Homepage: https://www.sourcecodester.com | | # Software Link: https://www.sourcecodester.com/php/14714/human-resource-information-using-phpmysqliobject-orientedcomplete-free-sourcecode.html | | # Software Download: https://www.sourcecodester.com/download-code?nid=14714&title=Human+Resource+Information+System+Using+PHP+with+Source+Code | | # Tested on : [ Windows ~> 10 ] | | # Version : 0.1 | | # Date : 2021-05-15 |=========================================================================== # --- Description --- # # The web application allows for an assisstant to inject persistent Cross-Site-Scripting payload which will be executed in both assistant and Super Admin panel # --- Proof of concept --- # 1- Login as Assistant and go to: http://localhost/code/Admin_Dashboard/Add_employee.php 2- Click on Add Employee button 3- Inject this payload into First Name input : <script>alert('xss')</script> 4- and fill other inputs as you want (Other inputs might be vulnerable as well) then click on Save button. 5- refresh the page and Xss popup will be triggered. 6- Now if Super Admin visit this page in his/her Dashboard : http://localhost/code/Superadmin_Dashboard/Add_employee.php 7- Our Xss payload will be executed on Super Admin Browser ** Attacker can use this vulnerability to take over Super Admin account ** |=========================================================================== | # Discovered By : Ali Triplex |===========================================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top