# Exploit Title: Responsive E-Learning System 1.0 – Stored Cross Site Scripting # Date: 2020-12-24 # Exploit Author: Kshitiz Raj(manitorpotterk) # Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html # Software Link: https://www.sourcecodester.com/download-code?nid=5172&title=Responsive+E-Learning+System+using+PHP%2FMySQLi+with+Source+Code # Version: 1.0 # Tested on: Windows 10/Kali Linux Step 1- Go to url http://localhost/elearning/admin/index.php Step 2 – Login as admin. Step 3 – Go to http://localhost/elearning/admin/course.php Step 4 – click on Edit course (any course) Step 5 – Enter *Course Year And Section:* as <script>alert()</script> and fill the other values. Step 6 – Click Save XSS popup will be triggered.
Credits and Partners
All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD
