Vendor: Online Health Care System
By: Akıner Kısa
CVSS: 8.8 (HIGH)
Cross Site Scripting (Stored)
CWE: 79
Product Name: Online Health Care System
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:sourcecodester:online_health_care_system:1.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: XAMPP
2020
Online Health Care System 1.0 – Multiple Cross Site Scripting (Stored)
Online Health Care System 1.0 is vulnerable to stored Cross Site Scripting. An attacker can inject malicious JavaScript code into the First Name and Last Name fields of the registration page. The malicious code is stored in the database and executes when the user/doctor account is viewed in the admin panel or at the address http://localhost/healthcare/admin/user_detail.php?id=<userid>.
Mitigation:
Input validation should be used to prevent malicious code from being stored in the database.
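The mitigation above, sketched in PHP as an added example (not code from Online Health Care System or from the advisory): allow-list validation of the First Name and Last Name fields at registration, plus HTML encoding when the stored value is rendered on a page such as user_detail.php. The encoding step goes beyond the stated mitigation and covers values already in the database. The function names, the 50-character limit, the array keys and the sample inputs are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers: the application's own registration and display code
// is not shown on the page, so names and limits here are assumptions.

/** Allow-list validation for a name field. Returns the cleaned name or null. */
function validate_name(string $raw): ?string
{
    $name = trim($raw);
    // Must start with a letter; then letters (any script), combining marks,
    // spaces, dots, apostrophes and hyphens. 1 to 50 code points in total.
    if (preg_match('/^[\p{L}\p{M}][\p{L}\p{M} .\'\-]{0,49}$/u', $name) !== 1) {
        return null;
    }
    return $name;
}

/** Encode a stored value for HTML body or quoted-attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one table row the way an admin detail page might (assumed layout). */
function render_user_row(array $user): string
{
    return '<tr><td>' . h($user['first_name']) . '</td><td>'
         . h($user['last_name']) . '</td></tr>';
}

// Constructed sample inputs: three legitimate names, one with markup, one empty.
$samples = ['Akıner', "O'Brien", 'Anne-Marie', '<b>markup</b>', ''];
foreach ($samples as $s) {
    $result = validate_name($s) === null ? 'rejected' : 'accepted';
    echo json_encode($s, JSON_UNESCAPED_UNICODE), ' => ', $result, "\n";
}

// A row stored before validation existed is still rendered as inert text,
// because the markup characters are encoded at output time.
echo render_user_row(['first_name' => '<b>markup</b>', 'last_name' => 'Kısa']), "\n";
```

Rejecting at input keeps new records clean, while encoding at output is what stops existing rows from executing in the admin's browser.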