Vendor: Employee Record Management System
By: Subhadip Nag (mrl0s3r)
CVSS: 8.8 (HIGH)
Stored Cross-Site Scripting (XSS)
CWE: 79
Product Name: Employee Record Management System
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: NO
Related CWE: N/A
CPE: a:phpgurukul:employee_record_management_system:1.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Server: XAMPP
2021

Employee Record Management System 1.2 – Stored Cross-Site Scripting (XSS)

Employee Record Management System 1.2 is vulnerable to stored cross-site scripting (XSS) in the Edit My Education function because user-supplied data is insufficiently sanitized. An attacker can exploit this by entering malicious payloads in the Edit My Education and Edit My Exp fields and then clicking the Update button. The payload is then stored in the database and executed whenever the user visits the My Education page.

Mitigation:

Input validation should be used to ensure that user supplied data is properly sanitized and validated before being stored in the database.
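The mitigation in practice, as an added example in PHP (the application's language) that is not code from the Employee Record Management System itself; the field name, the table-cell markup and the validation rule are assumptions for illustration:

```php
<?php
// Added example (not code from the Employee Record Management System):
// how the stored XSS described above arises at render time and how output
// encoding plus server-side validation neutralises it. The field name and
// the <td> markup are assumed.

// Constructed stored value: the PoC payload as it would sit in the database
// after "Update" is clicked with no validation or encoding in place.
$education = '<script>alert(1)</script>';

// Vulnerable rendering: the stored string is concatenated straight into HTML,
// so the browser parses the <script> tag on the My Education page and runs it.
function renderVulnerable(string $value): string
{
    return '<td>' . $value . '</td>';
}

// Hardened rendering: encode for the HTML context at output time. ENT_QUOTES
// also encodes ' and " so the value is safe inside attribute values;
// ENT_SUBSTITUTE avoids an empty result on malformed UTF-8.
function renderSafe(string $value): string
{
    $escaped = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<td>' . $escaped . '</td>';
}

// Server-side validation for the Update handler, as the mitigation recommends:
// reject values that are empty, over-long, or contain characters a degree or
// course name never needs. Defence in depth; output encoding is still required.
function validateEducationField(string $value): bool
{
    $value = trim($value);
    if ($value === '' || mb_strlen($value, 'UTF-8') > 120) {
        return false;
    }
    // Letters, digits, spaces and common punctuation only; no < > " ' or &.
    return preg_match('/^[\p{L}\p{N} .,()\/\-]+$/u', $value) === 1;
}

echo renderVulnerable($education), PHP_EOL;
echo renderSafe($education), PHP_EOL;
var_dump(validateEducationField($education));
var_dump(validateEducationField('B.Sc. Computer Science (2019)'));
```

Run with `php example.php`: the second line shows the payload rendered as inert text, and the validator rejects it while accepting an ordinary degree name.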

Exploit-DB raw data:

# Exploit Title: Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)
# Date: 07 July 2021
# Exploit Author: Subhadip Nag (mrl0s3r)
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/
# Tested on: Server: XAMPP

# Description #

Employee Record Management System 1.2 is vulnerable to stored cross-site scripting (XSS) in the Edit My Education because of insufficient user supplied data.


# Proof of Concept (PoC) : Exploit #

1) Go to: http://localhost/ERMSP/erms/loginerms.php
2) Login: Log in as a User (given username and password)
3) Go To Edit My Education and Edit My Exp
4) Enter the payload: <script>alert(1)</script>
5) Click Update
6) Go to 'My Education' option
7) Our XSS attack is successful

# PoC images
1) https://ibb.co/LS78xjX
2) https://ibb.co/9G0Pbxb