Design a site like this with WordPress.com
Get started

PHP B2B Script – Stored XSS (CVE-2018-20138)

 

Process to do stored XSS in Php mall (POC):

↓↓↓ STORED XSS ↓↓↓

CVE-2018-20138

 

First, sign up on “http://readymadeb2bscript.com/product/entrepreneur/” ↓

 

Sign up on that website ↓

After sign up, login in on that website ↓

Refresh the page
Go to Account Settings ↓

Put XSS value to all boxes
Save it and refresh ↓

 

 

Now you can see the XSS popup ↓

Advertisement
Privacy Settings

7 thoughts on “PHP B2B Script – Stored XSS (CVE-2018-20138)

Add yours

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: