Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tramyardg-hotel-mgmt-system of version2022.4 has a Cross Site Script(XSS) vulnerability #22

Closed
youyou-pm10 opened this issue Dec 28, 2022 · 0 comments
Assignees

Comments

@youyou-pm10
Copy link

List of Vulnerable path

Vulnerable path /app/process_update_profile.php
Lines 32-37 of the "process_update_profile.php" file,there is no filtering,so cause Cross Site Script.
xss1.png
In fact,the filter was forgot.Another file has a filter . Its path /app/process_registration.php
xss2.png
xss3.png
The data is safe when user register,but it is unsafe after update.

Vulnerability exploitation process:

register a new account.
reg1.png
reg2.png
login the user and click "update profile".
up1.png
input poc and submit.
a1.png
The administrator will trigger it.
a2.png
a3.png

POC code:

<script>alert('youyou_pm10'+document.cookie);</script>
@tramyardg tramyardg self-assigned this Feb 26, 2023
tramyardg added a commit that referenced this issue Feb 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants