Search for hundreds of thousands of exploits

"Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)"

Author

Exploit author

Kokn3t

Platform

Exploit platform

php

Release date

Exploit published date

2020-10-19

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via
Guardian Name, Guardian Relation, Guardian Contact no, Address, City
# Google Dork: N/A
# Date: 2020-10-08
# Exploit Author: Kokn3t
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/hostel-management-system
# Version:  V 2.1
# Tested on: Windows 10, Kali 2020.1
# CVE : CVE-2020-25270

######## Attack Vector ########

Install Hostel Management System V 2.1

1) User Module

    Login as user and go to "Book Hostel"
(http:/localhost/hostel/book-hostel.php) and start booking.

    Add malicious script in these fields - "<script>alert('XSS');</script>"

    i. Guardian Name

    ii. Guardian Relation

    iii.Guardian Contact no

    iv. Address

    vi. City

    After that will get a prompt "Student Successfully register" and after
pressing "See All", XSS will be triggered.

2) Admin Module

Login in as Admin and go to "Management Students", and "View Full details"
of booked student's record, XSS will be triggered also.
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "Microsoft Windows - Win32k Elevation of Privilege" local windows nu11secur1ty
Release Date Title Type Platform Author
2020-10-19 "Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)" webapps php Kokn3t
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/48905/?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.