# Exploit Title: Automatic Question Paper Generator System 1.0 - Cross-site scripting stored
# Date: 2022-11-03
# Exploit Author: Mr Empy
# Software Link: https://www.sourcecodester.com/php/15190/automatic-question-paper-generator-system-phpoop-free-source-code.html
# Version: 1.0
# Tested on: Linux
Automatic Question Paper Generator System 1.0 - Cross-site scripting stored
The Automatic Question Paper Generator in version 1.0 is vulnerable to
thwarting of browser resources and session cookie theft.
Automatic Question Paper Generator v1.0
Steps to Reproduce:
1. Open your browser, create an account on the site and log into it (
2. Click on your profile icon and then click on My Account. The field
called "First Name", "Middle Name", "Last Name" are vulnerable to XSS,
inject the payload into one of them and then save your changes.