Vendor: PHPGurukul (https://phpgurukul.com/)
Product: Blood Donor Management System
Author: SoSPiro
CVSS: 6.1 (Medium on the CVSS v3.x scale)
Vulnerability: Stored Cross-Site Scripting (XSS)
CWE: CWE-79
Product Name: Blood Donor Management System
Affected Version From: v2.2
Affected Version To: v2.2
Patch Exists: NO
CPE: a:phpgurukul:blood_donor_management_system:2.2
Platforms Tested: Windows
Year: 2023

Blood Bank & Donor Management System v2.2 Stored XSS Vulnerability

An attacker who holds admin credentials can store a script payload in the 'Adress' (as the form labels it), 'Email id' or 'Contact Number' fields of /admin/update-contactinfo.php. The values are saved without sanitization and rendered without output encoding on the public front page, so when any visitor opens http://bbdms.local/index.php (bbdms.local being the tester's local instance) the stored payload executes in that visitor's browser. The injection point is admin-only but the sink is unauthenticated: a compromised or malicious admin account therefore turns into an attack on every site visitor, with the usual stored-XSS consequences (session theft, page defacement, phishing forms, drive-by delivery of further payloads).

Mitigation:

Encode all user-supplied data at the point of output with encoding appropriate to the HTML context it lands in (in PHP, htmlspecialchars() with ENT_QUOTES for both body and attribute contexts). Do not rely on input filtering alone: the payload used in the PoC is deliberately built to break out of several contexts at once (comments, quoted attributes, style, title, textarea and script blocks), so blocklist-style filtering is not a reliable defence. As a second layer, validate the three fields on input against their expected shape (an e-mail address, a phone number, a bounded address string) and reject values that do not conform.
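The following is an added example, not code from PHPGurukul or from the advisory author. It places the vulnerable output pattern next to a hardened version in PHP and feeds both the payload from the PoC as constructed input; it also shows the input-side validation for the three fields. The column names Address/Email/Mobile and the footer markup are assumptions for illustration and do not necessarily match the application's real schema.

```php
<?php
// Added example (not PHPGurukul code). Column names and markup are assumed.
declare(strict_types=1);

// Constructed record, as if read back from the contact-info table after the
// PoC. Nowdoc keeps the payload byte-for-byte (no escape processing).
$payload = <<<'PAYLOAD'
/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert('1') )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e
PAYLOAD;
$contact = ['Address' => $payload, 'Email' => $payload, 'Mobile' => $payload];

// Vulnerable pattern: stored values concatenated straight into the page.
function renderFooterVulnerable(array $c): string
{
    return "<p>Address: {$c['Address']}</p>\n"
         . "<p>Email: <a href=\"mailto:{$c['Email']}\">{$c['Email']}</a></p>\n"
         . "<p>Phone: {$c['Mobile']}</p>\n";
}

// Hardened: encode at output for the HTML context. ENT_QUOTES also covers the
// attribute context (both ' and " are encoded); ENT_SUBSTITUTE replaces
// invalid UTF-8 instead of silently returning an empty string.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderFooterSafe(array $c): string
{
    return "<p>Address: " . e($c['Address']) . "</p>\n"
         . "<p>Email: <a href=\"mailto:" . e($c['Email']) . "\">" . e($c['Email']) . "</a></p>\n"
         . "<p>Phone: " . e($c['Mobile']) . "</p>\n";
}

// Input-side validation for the update form: reject values that cannot be a
// plausible address, e-mail or phone number before they are stored.
function validateContactInfo(array $in): array
{
    $errors = [];
    $address = trim($in['Address'] ?? '');
    if ($address === '' || strlen($address) > 255) {
        $errors[] = 'Address must be 1-255 bytes';
    }
    if (filter_var($in['Email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Email is not a valid address';
    }
    if (!preg_match('/^\+?[0-9 ()-]{6,20}$/', $in['Mobile'] ?? '')) {
        $errors[] = 'Contact number may only contain digits, spaces, +, - and parentheses';
    }
    return $errors;
}

// Demonstration.
echo "--- vulnerable (payload reaches the browser as markup) ---\n";
echo renderFooterVulnerable($contact);
echo "--- hardened (payload rendered as inert text) ---\n";
echo renderFooterSafe($contact);
echo "--- validation errors for the PoC input ---\n";
foreach (validateContactInfo($contact) as $err) {
    echo "- $err\n";
}

// Check a tester can reuse after patching: no raw tag from user data may
// survive in the encoded output.
if (strpos(renderFooterSafe($contact), '<sVg') !== false) {
    throw new RuntimeException('payload markup survived encoding');
}
echo "encoding check passed\n";
```

Run it with `php` from the command line. Note that the e-mail and phone checks reject the PoC payload, but the address check does not: an address can legitimately contain almost any character, which is exactly why output encoding, not input validation, has to be the primary control for the 'Adress' field.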

Exploit-DB raw data:

# Exploit Title: Blood Bank & Donor Management System v2.2 - Stored XSS
# Application: Blood Donor Management System
# Version: v2.2
# Bugs:  Stored XSS
# Technology: PHP
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/blood-bank-donor-management-system-free-download/
# Date: 12.09.2023
# Author: SoSPiro
# Tested on: Windows

#POC
========================================
1. Login to admin account
2. Go to /admin/update-contactinfo.php
3. Change the "Adress", "Email id" or "Contact Number" input and add the payload "/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert('1') )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e".
4. Go to the http://bbdms.local/index.php page and the XSS will be triggered.