Exploit for Responsive E-Learning System 1.0 Cross Site Scripting

Name: Exploit for Responsive E-Learning System 1.0 Cross Site Scripting
Rating: 5 (148 reviews)

2021-01-06 | CVSS -0.3

## https://sploitus.com/exploit?id=PACKETSTORM:160822
# Exploit Title: Responsive E-Learning System 1.0 – Stored Cross Site Scripting  
# Date: 2020-12-24  
# Exploit Author: Kshitiz Raj(manitorpotterk)  
# Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html  
# Software Link: https://www.sourcecodester.com/download-code?nid=5172&title=Responsive+E-Learning+System+using+PHP%2FMySQLi+with+Source+Code  
# Version: 1.0  
# Tested on: Windows 10/Kali Linux  
  
Step 1- Go to url http://localhost/elearning/admin/index.php  
Step 2 – Login as admin.  
Step 3 – Go to http://localhost/elearning/admin/course.php  
Step 4 – click on Edit course (any course)  
Step 5 – Enter *Course Year And Section:* as <script>alert()</script> and fill the other values.  
Step 6 – Click Save  
  
XSS popup will be triggered.