Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title: Online marriage registration system v1.0- Multiple XSS vulnerabilities
- # Date: 5-3-2024
- # Category: Web Application
- # Version: 3.3
- # Tested on: Windows/Kali
- # CVE: CVE-2024-28456
- Description:
- ----------------
- Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the the text fields in the marriage registration request form.
- XSS Payload
- ------------------
- <script>alert(1)</script>
- Steps to reproduce
- --------------------------
- -Login with your creds
- -Navigate to registration form
- -Enter any XSS payload in the text fields and submit the form
- -These XSS payloads are executed when the admin tries to view the marriage registration request
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement