Egavilanmedia user registration & login system with admin panel 1.0 stored cross site scripting Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2020-12-02 | Type : webapps | Platform : multiple
This exploit / vulnerability Egavilanmedia user registration & login system with admin panel 1.0 stored cross site scripting is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting
# Exploit Author: Soushikta Chowdhury
# Vendor Homepage: http://egavilanmedia.com
# Software Link: http://egavilanmedia.com/user-registration-and-login-system-with-admin-panel/
# Version: 1.0
# Tested on: Windows 10
# Contact: https://www.linkedin.com/in/soushikta-chowdhury/

Vulnerable Parameters: Full Name
Steps for reproduce:
1. Go to registration page
2. fill in the details & put <script>alert("soushikta")</script> payload in Full name.
3. Now goto Admin Panel. After entering go to Manage Users and go to the last page to check the newly added user. We could see that our payload gets executed.

Egavilanmedia user registration & login system with admin panel 1.0 stored cross site scripting


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Egavilanmedia user registration & login system with admin panel 1.0 stored cross site scripting Vulnerability / Exploit