Visitor Management System in PHP 1.0 – Unauthenticated Stored XSS

September 22, 2020

Posted by Ava Tester One on Sep 22

# Title: Visitor Management System in PHP 1.0 – Unauthenticated Stored XSS
# Exploit Author: Rahul Ramkumar
# Date: 2020-09-16
# Vendor Homepage: https://projectworlds.in
# Software Link:
https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip
# Version: 1.0
# Tested On: Windows 10 Enterprise 1809 (x64_86) + XAMPP 7.2.33-1
# CVE: CVE-2020-25761
# Description: The file myform.php does not perform input validation…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source

You may have missed

image

[KILLSEC] – Ransomware Victim: Nationwide Legal

November 24, 2024
image

[KILLSEC] – Ransomware Victim: Eassy Life

November 24, 2024
image

[INCRANSOM] – Ransomware Victim: Service Avicole JGL

November 24, 2024
image

[KILLSEC] – Ransomware Victim: Vogue Homes

November 24, 2024
image

[KILLSEC] – Ransomware Victim: Efi Sales

November 24, 2024