Share
## https://sploitus.com/exploit?id=PACKETSTORM:160641
# Exploit Title: Queue Management System 4.0.0 - "Add User" Stored XSS  
  
# Exploit Author: Kislay Kumar  
# Date: 2020-12-21  
# Google Dork: N/A  
# Vendor Homepage: http://codekernel.net/  
# Software Link: https://codecanyon.net/item/queue-management-system/22029961  
# Affected Version: Version 4.0.0  
# Patched Version: Unpatched  
# Category: Web Application  
# Tested on: Kali Linux  
  
Step 1. Login as admin.  
  
Step 2. Select "Users" from menu and click on "Add User .  
  
Step 3. Insert payload - "><svg/onload=alert(1)> in "Firtst Name" , " Last  
Name "and " Email ".  
  
Step 4. Now open "User List " from menu and you will get alert box.