PHPGurukul Apartment Visitors Management System Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in PHPGurukul Apartment Visitors Management System version 1.0. The issue arises in the file '/admin-profile.php', where the 'adminname' parameter submitted via POST request is not properly sanitized or encoded before being displayed. This flaw allows attackers to inject malicious JavaScript that executes in the browsers of users, including administrators, who view the page. The vulnerability can be exploited remotely, and a public proof-of-concept is available.

Impact

Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the context of the affected user, potentially leading to cookie or session token theft, CSRF-like attacks, privilege escalation if an admin views the injected content, and exfiltration of sensitive data or redirection to malicious sites.

Reproduction

To reproduce this vulnerability, send a POST request to '/avms/admin-profile.php' with the 'adminname' parameter containing a script tag, such as '<script>alert(1)</script>'. This input will be saved and executed when the page is loaded.

Remediation

It is recommended to implement proper output encoding, input validation, and to apply a Content Security Policy (CSP).