Vendor: PHPCRUD
By: Mahendra Purbia
CVSS: 7.5 (HIGH)
Vulnerability: Stored Cross Site Scripting
CWE: 79
Product Name: PHPCRUD
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:egavilanmedia:phpcrud:1.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2020

EgavilanMedia PHPCRUD 1.0 – ‘Full Name’ Stored Cross Site Scripting

EgavilanMedia PHPCRUD 1.0 is vulnerable to Stored Cross Site Scripting. An attacker can inject malicious JavaScript code into the 'Full Name' parameter, which will be stored in the database and executed when the page is loaded. To exploit this vulnerability, an attacker can go to http://localhost/PHPCRUD/, click on 'add new record' and fill the details with a malicious JavaScript payload, such as ':"><svg onload=alert(1)//'. When the page is reloaded, the malicious payload will be executed.

Mitigation:

Input validation should be used to prevent malicious code from being stored in the database. Additionally, the application should be configured to escape special characters when displaying user input.
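
Both mitigations applied to a name field, as an added example (not code from PHPCRUD or from the advisory author). The helper names validate_full_name and e, the allowed-character policy, and the sample rows are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; these names are not taken from PHPCRUD's source.

/** Input validation: allow letters, combining marks, space, . ' - (1-100 chars). */
function validate_full_name(string $raw): ?string
{
    $name = trim($raw);
    // \p{L} = any letter, \p{M} = combining mark; /u = UTF-8 mode; \z = true end of input.
    // The character policy is an assumption; adjust it to the names you must accept.
    return preg_match('/^[\p{L}\p{M} .\'-]{1,100}\z/u', $name) === 1 ? $name : null;
}

/** Output encoding for HTML element bodies and quoted attribute values. */
function e(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close an attribute.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample rows: a benign name and the payload from the report,
// standing in for a record that was stored before validation was added.
$storedRows = [
    ['full_name' => "Anne-Marie O'Neil"],
    ['full_name' => ':"><svg onload=alert(1)//'],
];

foreach ($storedRows as $row) {
    $name = $row['full_name'];

    // Check 1: would this value be accepted on input today?
    $accepted = validate_full_name($name) !== null;
    printf("accepted on input: %s\n", $accepted ? 'yes' : 'no');

    // Vulnerable pattern (raw interpolation into markup), shown for contrast only:
    //   echo "<td title=\"$name\">$name</td>";

    // Check 2: encode at the point of output, regardless of how the row got stored.
    printf("<td title=\"%s\">%s</td>\n", e($name), e($name));
}
```

Encoding on output is the control that neutralises records already in the database; validation only limits what new records can contain.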

Exploit-DB raw data:

# Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting
# Exploit Author: Mahendra Purbia
# Vendor Homepage: http://egavilanmedia.com
# Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/
# Version: 1.0
# Tested on: Windows 10

Vulnerable Parameters: Full Name
Steps to reproduce:
 1. Go to http://localhost/PHPCRUD/
 2. Now click on "add new record" and fill in the details (in first name use :"><svg onload=alert(1)// )
 3. Now reload the page and you will see that our XSS payload executed. It's a Stored XSS.