# Exploit Title: Responsive E-Learning System 1.0 – Stored Cross Site Scripting # Date: 2020-12-24 # Exploit Author: Kshitiz Raj(manitorpotterk) # Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html # Software Link: https://www.sourcecodester.com/download-code?nid=5172&title=Responsive+E-Learning+System+using+PHP%2FMySQLi+with+Source+Code # Version: 1.0 # Tested on: Windows 10/Kali Linux Step 1- Go to url http://localhost/elearning/admin/index.php Step 2 – Login as admin. Step 3 – Go to http://localhost/elearning/admin/course.php Step 4 – click on Edit course (any course) Step 5 – Enter *Course Year And Section:* as and fill the other values. Step 6 – Click Save XSS popup will be triggered.