Xeroneit library management system 3.1 "add book category " stored xss Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2020-12-18 | Type : webapps | Platform : php
This exploit / vulnerability Xeroneit library management system 3.1 "add book category " stored xss is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-18
# Vendor Homepage: https://xeroneit.net/
# Software Link: https://xeroneit.net/portfolio/library-management-system-lms
# Affected Version: Version 3.1
# Tested on: Kali Linux

Step 1. Login to the application as Admin.

Step 2. Select "Book" from menu and click on "Book Category" . Now , click
on "Add" Button.

Step 3. Insert payload - "><img src onerror=alert(1)> , in "Category Name"
and Save it.

Step 4. Now you will see an alert box .

Xeroneit library management system 3.1 "add book category " stored xss


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Xeroneit library management system 3.1 "add book category " stored xss Vulnerability / Exploit