Employee Record Management System 1.2 Cross Site Scripting

2021.07.08

Credit: Subhadip Nag

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

# Exploit Title: Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)
# Date: 07 July 2021
# Exploit Author: Subhadip Nag (mrl0s3r)
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/
# Tested on: Server: XAMPP
# Description #
Employee Record Management System 1.2 is vulnerable to stored cross site scripting (xss) in the Edit My Education because of insufficient user supplied data.
# Proof of Concept (PoC) : Exploit #
1) Goto: http://localhost/ERMSP/erms/loginerms.php
2) Login: Login as a User(given username and password)
3) Go To Edit My Education and Edit My Exp
4) Enter the payload: <script>alert(1)</script>
5) Click Update
6) Go to 'My Education' option
7) Our XSS attack successful
# PoC image
1) https://ibb.co/LS78xjX
2) https://ibb.co/9G0Pbxb

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Employee Record Management System 1.2 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.