Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-7840 PoC — Campcodes Online Movie Theater Seat Reservation System Reserve Your Seat Page index.php cross site scripting

Source
https://github.com/byteReaper77/CVE-2025-7840
Associated Vulnerability
Title:Campcodes Online Movie Theater Seat Reservation System Reserve Your Seat Page index.php cross site scripting (CVE-2025-7840)
Description:A vulnerability was found in Campcodes Online Movie Theater Seat Reservation System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=reserve of the component Reserve Your Seat Page. The manipulation of the argument Firstname/Lastname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Description
Proof‑of‑concept exploit for CVE‑2025‑7840 that injects malicious payloads into the Firstname parameter of a reservation form to trigger XSS
Readme
# XSS Exploit for CVE-2025-7840

**Author**: Byte Reaper (@ByteReaper0)

## Description

Proof‑of‑concept exploit for **CVE-2025-7840**, targeting a vulnerable web application endpoint that fails to sanitize user input on the `Firstname` parameter of a reservation form. By crafting a GET request to:

```
/index.php?page=reserve&Firstname=<payload>&Lastname=test
```

an attacker can inject and execute arbitrary JavaScript in the victim’s browser when the response is rendered.

## Features

* Inject custom payloads with `-b` option
* Handle cookie-based sessions via `-c` option
* Verbose logging for request/response analysis (`-v`)
* Built-in set of common XSS payloads

## Requirements

* Linux or macOS
* GCC (or compatible C compiler)
* `libcurl` development headers
* `argparse` library for C

## Installation

1. Compile the exploit:

   ```
   gcc -o exploit exploit.c argparse.c -lcurl 
   ```

## Usage

```
sudo ./exploit -u <TARGET_URL> [options]
```

### Options

| Flag         | Description                                  |
| ------------ | -------------------------------------------- |
| `-u` URL     | Target base URL (e.g. `http://victim.local`) |
| `-b` PAYLOAD | Custom XSS payload to inject                 |
| `-c` FILE    | Cookie jar file to use for session handling  |
| `-v`         | Verbose mode (show request/response details) |

### Examples

* Run default payloads against a target:

  ```
  sudo ./exploit -u http://victim.local
  ```

* Use a custom payload:

  ```
  sudo ./exploit -u http://victim.local -b "<script>alert(\'PWNED\')</script>"
  ```

* Include session cookies and verbose output:

  ```
  sudo ./exploit -u http://victim.local -c cookies.txt -v
  ```

## Disclaimer

This code is provided for educational and testing purposes only. Unauthorized use against systems you do not own or have explicit permission to test is illegal and unethical.

## References

* CVE-2025-7840: XSS in reservation form
* Author Telegram: @ByteReaper0
## LICENSE:
MIT
File Snapshot

 [4.0K]  /data/pocs/484ac3b0c0b75e6351583ecf3c100e458f9a76fd
├── [ 16K]  exploit.c
├── [1.0K]  LICENSE
└── [2.0K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →