Share
## https://sploitus.com/exploit?id=PACKETSTORM:177890
# Exploit Title: Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)  
# Google Dork: NA  
# Date: 28-03-2024  
# Exploit Author: Sandeep Vishwakarma  
# Vendor Homepage: https://code-projects.org  
# Software Link: https://code-projects.org/hospital-management-system-in-php-css-javascript-and-mysql-free-download/  
# Version: v1.0  
# Tested on: Windows 10  
# CVE : CVE-2024-29412  
# Description: Stored Cross Site Scripting vulnerability in  
Hospital Management System - v1.0 allows an attacker to execute arbitrary  
code via a crafted payload to the 'patient_id',  
'first_name','middle_initial' ,'last_name'" in /receptionist.php component.  
  
# POC:  
1. Go to the User Login page: "  
http://localhost/HospitalManagementSystem-gh-pages/  
2. Login with "r1" ID which is redirected to "  
http://localhost/HospitalManagementSystem-gh-pages/receptionist.php"  
endpoint.  
3. In Patient information functionality add this payload  
"><script>alert('1')</script> ,in all parameter.  
4. click on submit.  
  
# Reference:  
https://github.com/hackersroot/CVE-PoC/blob/main/CVE-2024-29412.md