| 标题 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Cross Site Scripting |
|---|
| 描述 | Bug Description:
A stored cross-site scripting (XSS) vulnerability in PHPGurukul Emergency Ambulance Hiring Portal 1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected in the "Add Ambulance" functionality.
Steps to Reproduce:
# Exploit Title: Stored XSS in "Add Ambulance" functionality of Emergency Ambulance Hiring Portal
# Date: 28-03-2024
# Exploit Author: dhabaleshwardas
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/emergency-ambulance-hiring-portal-using-php-and-mysql/
# Version: 1.0
# Tested on: firefox/chrome/brave
# CVE:
To reproduce the attack:
1- First, login to the application then, head to the http://localhost/eahp/admin/add-ambulance.php endpoint .
2- Here you would be asked to fill all the fields. We simply put XSS payloads in "Ambulance Reg No." and "Driver Name" fields and clicked "Add".
3- We can see that the payloads are directly embedded into the HTML content without proper sanitization or encoding, and hence, pop-ups are shown. |
|---|
| 来源 | ⚠️ https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_authsxss.md |
|---|
| 用户 | dhabaleshwar (UID 58737) |
|---|
| 提交 | 2024-03-29 12時06分 (2 年前) |
|---|
| 管理 | 2024-03-29 15時27分 (3 hours later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 258683 [PHPGurukul Emergency Ambulance Hiring Portal 1.0 Add Ambulance Page /admin/add-ambulance.php Ambulance Reg No/Driver Name 跨网站脚本] |
|---|
| 积分 | 20 |
|---|