Queue Management System version 4.0.0 suffers from a persistent cross site scripting vulnerability.
8d641b2ff385348152b436a38bdf635c85e4ef591850ef0f71076b2ecfda4ba5# Exploit Title: Queue Management System 4.0.0 - "Add User" Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-21
# Google Dork: N/A
# Vendor Homepage: http://codekernel.net/
# Software Link: https://codecanyon.net/item/queue-management-system/22029961
# Affected Version: Version 4.0.0
# Patched Version: Unpatched
# Category: Web Application
# Tested on: Kali Linux
Step 1. Login as admin.
Step 2. Select "Users" from menu and click on "Add User .
Step 3. Insert payload - "><svg/onload=alert(1)> in "Firtst Name" , " Last
Name "and " Email ".
Step 4. Now open "User List " from menu and you will get alert box.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed