Responsive elearning system 1.0 stored cross site scripting Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2021-01-06 | Type : webapps | Platform : php
This exploit / vulnerability Responsive elearning system 1.0 stored cross site scripting is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Responsive E-Learning System 1.0 – Stored Cross Site Scripting
# Date: 2020-12-24
# Exploit Author: Kshitiz Raj(manitorpotterk)
# Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html
# Software Link: https://www.sourcecodester.com/download-code?nid=5172&title=Responsive+E-Learning+System+using+PHP%2FMySQLi+with+Source+Code
# Version: 1.0
# Tested on: Windows 10/Kali Linux

Step 1- Go to url http://localhost/elearning/admin/index.php
Step 2 – Login as admin.
Step 3 – Go to http://localhost/elearning/admin/course.php
Step 4 – click on Edit course (any course)
Step 5 – Enter *Course Year And Section:* as <script>alert()</script> and fill the other values.
Step 6 – Click Save

XSS popup will be triggered.

Responsive elearning system 1.0 stored cross site scripting


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Responsive elearning system 1.0 stored cross site scripting Vulnerability / Exploit