Visitor Management System in PHP 1.0 – Unauthenticated Stored XSS

Posted by Ava Tester One on Sep 22

# Title: Visitor Management System in PHP 1.0 – Unauthenticated Stored XSS
# Exploit Author: Rahul Ramkumar
# Date: 2020-09-16
# Vendor Homepage: https://projectworlds.in
# Software Link:
https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip
# Version: 1.0
# Tested On: Windows 10 Enterprise 1809 (x64_86) + XAMPP 7.2.33-1
# CVE: CVE-2020-25761
# Description: The file myform.php does not perform input validation…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source