Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS

2020-12-19
ID: 103785
CVE: None
Download vulnerable application: None
# Exploit Title:  
# Exploit Author: Kislay Kumar
# Date: 2020-12-18
# Vendor Homepage: https://xeroneit.net/
# Software Link: https://xeroneit.net/portfolio/library-management-system-lms
# Affected Version: Version 3.1
# Tested on: Kali Linux

Step 1. Login to the application as Admin.

Step 2. Select "Book" from menu and click on "Book Category" . Now , click
on "Add" Button.

Step 3. Insert payload - "><img src onerror=alert(1)> ,  in "Category Name"
and Save it.

Step 4. Now you will see an alert box .
1-4-2 (www01)