Lucene search

K

Learning and Examination Management System - Cross-Site Scripting

πŸ—“οΈΒ 22 Feb 2018Β 00:00:00Reported byΒ Exploit-DBTypeΒ 
exploitdb
Β exploitdb
πŸ”—Β www.exploit-db.comπŸ‘Β 27Β Views

Learning and Examination Management System - Cross-Site Scripting vulnerabilit

Show more
Related
Code
ReporterTitlePublishedViews
Family
NVD
CVE-2018-6866
23 Feb 201813:29
–nvd
CVE
CVE-2018-6866
23 Feb 201813:29
–cve
Cvelist
CVE-2018-6866
23 Feb 201813:00
–cvelist
0day.today
Learning and Examination Management System - Cross-Site Scripting Vulnerability
22 Feb 201800:00
–zdt
Packet Storm
Learning And Examination Management System Script 2.3.1 XSS
23 Feb 201800:00
–packetstorm
Prion
Cross site scripting
23 Feb 201813:29
–prion
#######################################################
# Exploit Title: Learning and Examination Management System Script 2.3.1 – Stored XSS
# Date: 09.02.2018
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link: https://www.phpscriptsmall.com/product/learning-examination-management-system/
# Category: Web Application
# Exploit Author: Prasenjit Kanti Paul
# Web: http://hack2rule.wordpress.com/
# Version: 2.3.1
# Tested on: Linux Mint
# CVE: CVE-2018-6866
#######################################################

Proof of Concept
-----------------
1. Login into the site
2. Goto β€œMessage” options
3. Put <script>alert("PKP")</script> as message / reply message
4. You will be having a popup β€œPKP”

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
22 Feb 2018 00:00Current
5.9Medium risk
Vulners AI Score5.9
EPSS0.001
27
.json
Report