CVE-2020-25271

PHPGurukul hospital-management-system-in-php 4.0 allows XSS via:

- admin/patient-search.php
- doctor/search.php
- book-appointment.php
- doctor/appointment-history.php
- admin/appointment-history.php

#Vendor - PHPGurukul

#Product - https://phpgurukul.com/hospital-management-system-in-php V 4.0

#Vulnerability Type - Cross Site Scripting (XSS)

#Additional Information - A single stored XSS payload is triggered in every dashboard (patient, doctor and admin), so account takeover can occur.

#Affected Component - Books > New Book, http:///lms/index.php?page=books

#Attack Type - Local

#Privilege Escalation - true

#Impact - Code execution - true

Attack Vector

Cross site scripting in Admin | View Patients (http://localhost/hospital/hms/admin/patient-search.php)

Stored XSS in User | Dashboard (Name field)

Cross site scripting in Doctor | Manage Patients (http://localhost/hospital/hms/doctor/search.php)

Install Hospital Management System V 4.0

1) Patient Module

i. Create a patient account with the username "<script>alert(XSS);</script>"; the XSS is triggered on every page of the Patient Dashboard.

ii. Make an appointment at "Book Appointment" (http://localhost/hospital/hms/book-appointment.php).

2) Doctor Module

i. Login as the doctor with whom the malicious patient requested the appointment.

ii. Go to "Appointment History" (http://localhost/hospital/hms/doctor/appointment-history.php); the XSS is triggered there as well.

3) Admin Module

i. Login as admin.

ii. Go to "Appointment History" (http://localhost/hospital/hms/admin/appointment-history.php); the XSS is triggered.
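The root cause behind every step above is the same: a patient-supplied name is stored once and then echoed into HTML on several pages without output encoding, so one payload fires in the patient, doctor and admin dashboards. The snippet below is an added illustration, not code from the PHPGurukul project; the function names (`renderRowVulnerable`, `renderRowFixed`, `e`, `containsLiveScriptTag`) and the table-row markup are assumptions chosen to show the pattern and its fix, and the sample name is the payload quoted in this advisory.

```php
<?php
// Added example (not the project's own code): the rendering pattern behind
// CVE-2020-25271 and the output-encoding fix. Function names and markup are
// hypothetical; only the sample value comes from the advisory above.
declare(strict_types=1);

// Constructed sample input: the username from the advisory, as it would sit
// in the patients table after registration.
$patientName = '<script>alert(XSS);</script>';

// Vulnerable pattern: stored data is interpolated straight into markup, so the
// browser parses the stored string as HTML on every page that lists patients.
function renderRowVulnerable(string $name): string
{
    return "<tr><td>{$name}</td></tr>";
}

// Hardened pattern: encode every untrusted value for the HTML context it lands
// in. ENT_QUOTES covers attribute contexts, ENT_SUBSTITUTE keeps invalid UTF-8
// from silently dropping the whole string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
}

function renderRowFixed(string $name): string
{
    return '<tr><td>' . e($name) . '</td></tr>';
}

// Regression check a maintainer can keep in a test suite: the rendered row
// must never contain an unencoded tag opener originating from stored data.
function containsLiveScriptTag(string $html): bool
{
    return stripos($html, '<script') !== false;
}

// Vulnerable output: the stored string reaches the browser as a live <script>.
echo renderRowVulnerable($patientName), PHP_EOL;
var_dump(containsLiveScriptTag(renderRowVulnerable($patientName)));

// Fixed output: the same value is rendered as visible text, not executed.
echo renderRowFixed($patientName), PHP_EOL;
var_dump(containsLiveScriptTag(renderRowFixed($patientName)));
```

Run with `php example.php`: the vulnerable row contains the raw tag and the check reports true, while the fixed row shows the angle brackets as `&lt;` / `&gt;` entities and the check reports false. Applying the `e()` wrapper at every echo of patient data (the search, booking and appointment-history pages listed above) closes all five sinks at once, because the fix sits at the output rather than at the single input form. Marking the session cookie `HttpOnly` is a worthwhile second layer that limits what a script could read if an encoding step is missed, but it does not replace encoding.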
