Saturday, February 27, 2021

Doctor Appointment System 1.0 Cross Site Scripting

# Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting (XSS) in comment parameter
# Date: 26-02-2021
# CVE: CVE-2021-27317
# Exploit Author: Soham Bakore
# Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html
# Software Link: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html
# Version: V1.0

Vulnerable File:
----------------
http://host/doctorappointment/contactus.php
<http://host/patient/search_result.php>

Vulnerable Issue:
-----------------
comment parameter has no input validation

POC:
----
1] Navigate to http://host/doctorappointment/contactus.php
2] In the comment parameter enter following payload to execute arbitrary
javascript code : '</script><svg/onload=alert(document.cookie)>
3] This can be used to steal cookies or perform phishing attacks on the web
application
------------------

# Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting (XSS) in lastname parameter
# Date: 26-02-2021
# CVE: CVE-2021-27318
# Exploit Author: Soham Bakore
# Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html
# Software Link: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html
# Version: V1.0

Vulnerable File:
----------------
http://host/doctorappointment/contactus.php
<http://host/patient/search_result.php>

Vulnerable Issue:
-----------------
lastname parameter has no input validation

POC:
----
1] Navigate to http://host/doctorappointment/contactus.php
2] In the lastname parameter enter following payload to execute arbitrary
javascript code : '</script><svg/onload=alert(document.cookie)>
3] This can be used to steal cookies or perform phishing attacks on the web
application
 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated