Exploit for Xeroneit Library Management System 3.1 Cross Site Scripting

Name: Exploit for Xeroneit Library Management System 3.1 Cross Site Scripting
Rating: 5 (186 reviews)

2020-12-18 | CVSS -0.3

## https://sploitus.com/exploit?id=PACKETSTORM:160620
# Exploit Title: Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS  
# Exploit Author: Kislay Kumar  
# Date: 2020-12-18  
# Vendor Homepage: https://xeroneit.net/  
# Software Link: https://xeroneit.net/portfolio/library-management-system-lms  
# Affected Version: Version 3.1  
# Tested on: Kali Linux  
  
Step 1. Login to the application as Admin.  
  
Step 2. Select "Book" from menu and click on "Book Category" . Now , click  
on "Add" Button.  
  
Step 3. Insert payload - "><img src onerror=alert(1)> , in "Category Name"  
and Save it.  
  
Step 4. Now you will see an alert box .