# Exploit Title: Hospital Management System 4.0 Stored Cross-Site Scripting Vulnerability
# Date: 2020-01-20
# Exploit Author: Priyanka Samak
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/hospital-management-system-in-php/
# Software: Hospital Management System
# Version: 4.0
# Vulnerability Type: Cross-site Scripting
# Vulnerability: Stored XSS
# Tested on: Windows 10

# This application is vulnerable to Stored XSS. The
# vulnerability exists in the DOCTOR module of the application.
# Vulnerable script: http://localhost/hospital/hms/doctor/add-patient.php
# Vulnerable parameter: "Medical History" input field
# Payload used:
# POC: http://localhost/hospital/hms/doctor/add-patient.php is the
# URL where you can add the patient information.
# Enter your payload into the Medical History field. Click on
# the Manage Patient page and view the information; you will see your JavaScript code execute.

Thanks,
Priyanka Samak
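
An added example of the fix for the issue described above, not taken from the advisory or from the application's code: it contrasts writing the stored Medical History value into the page unchanged with encoding it at output time, and flags already-stored records that contain markup. The function names, record ids and sample values are assumptions constructed for illustration.

```php
<?php
// Added example; not code from Hospital Management System or the advisory.
// Function names, record ids and sample values are hypothetical.
declare(strict_types=1);

/** Vulnerable pattern: the stored value is concatenated into HTML unchanged. */
function render_history_unsafe(string $stored): string
{
    return '<td>' . $stored . '</td>';
}

/** Hardened pattern: encode for the HTML context every time the value is output. */
function render_history_safe(string $stored): string
{
    $encoded = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    // nl2br runs after encoding, so the only markup emitted is our own <br>.
    return '<td>' . nl2br($encoded, false) . '</td>';
}

/**
 * Review aid for data saved before the fix: return the ids of records whose
 * value changes when tags are stripped, i.e. records that contain markup.
 * It can flag harmless text such as "a<b"; treat hits as items to inspect.
 */
function find_records_with_markup(array $records): array
{
    return array_keys(array_filter(
        $records,
        static fn(string $value): bool => $value !== strip_tags($value)
    ));
}

// Constructed sample records (the advisory does not list its payload).
$records = [
    101 => "Asthma since 2015\nNo known allergies",
    102 => "Diabetes\n<script>alert(1)</script>",
];

foreach ($records as $id => $history) {
    echo "record $id unsafe: ", render_history_unsafe($history), PHP_EOL;
    echo "record $id safe:   ", render_history_safe($history), PHP_EOL;
}

echo 'records to review: ', implode(', ', find_records_with_markup($records)), PHP_EOL;
```

Encoding belongs on every page that displays the field, including the Manage Patient view, because the value is stored once and rendered many times.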