Published on October 4th, 2021 📆 | 3121 Views ⚑
0College Management System 1.0 Cross Site Scripting – Torchsec
https://www.ispeech.org/text.to.speech
# Date: 01/10/2021
# Exploit Author: Abdulrahman https://twitter.com/infosec_90
# Vendor Homepage: https://www.eedunext.com/
# Software Link: https://code-projects.org/college-management-system-in-php-with-source-code/
# Version: 1.0
# Tested on: Kali Linux
in admin/time-table.php in line 1 :
< ?php
session_start();
if (!$_SESSION["LoginAdmin"])
{
header('location:../login/login.php');
}
require_once "../connection/connection.php";
?>
in admin/time-table.php in line 17 - 27 :
$course_code=$_POST["course_code"];
$semester=$_POST["semester"];
$timing_from=$_POST["timing_from"];
$timing_to=$_POST["timing_to"];
$day=$_POST["day"];
$subject_code=$_POST["subject_code"];
$room_no=$_POST["room_no"];
is vulnerable to XSS and SqlInjection
--
Table structure for table `time_table`
--
CREATE TABLE `time_table` (
`id` int(11) NOT NULL,
`course_code` varchar(10) NOT NULL,
`semester` int(11) NOT NULL,
`timing_from` varchar(10) NOT NULL,
`timing_to` varchar(10) NOT NULL,
`day` varchar(20) NOT NULL,
`subject_code` varchar(20) NOT NULL,
`room_no` int(11) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
20 char
POC :
< !doctype html>
Gloss