# Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via
Guardian Name, Guardian Relation, Guardian Contact no, Address, City
# Google Dork: N/A
# Date: 2020-10-08
# Exploit Author: Kokn3t
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/hostel-management-system
# Version: V 2.1
# Tested on: Windows 10, Kali 2020.1
# CVE : CVE-2020-25270
######## Attack Vector ########
Install Hostel Management System V 2.1
1) User Module
Login as user and go to "Book Hostel"
(http:/localhost/hostel/book-hostel.php) and start booking.
Add malicious script in these fields - "<script>alert('XSS');</script>"
i. Guardian Name
ii. Guardian Relation
iii.Guardian Contact no
iv. Address
vi. City
After that will get a prompt "Student Successfully register" and after
pressing "See All", XSS will be triggered.
2) Admin Module
Login in as Admin and go to "Management Students", and "View Full details"
of booked student's record, XSS will be triggered also.Credits and Partners
All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD
