Authored by Kislay Kumar

Library Management System version 3.0 suffers from a persistent cross site scripting vulnerability.

# Exploit Title:  Library Management System 3.0 - "Add Category" Stored XSS
# Exploit Author: Kislay Kumar
# Date: 2020-12-22
# Google Dork: N/A
# Vendor Homepage:
# Software Link:
# Affected Version: 3.0
# Patched Version: Unpatched
# Category: Web Application
# Tested on: Kali Linux

Step 1. Login as Admin.

Step 2. Select "Book" from menu and select "Categories" from sub menu and
after that click on "Add Category".

Step 3. Insert payload - "><img src onerror=alert(1)> in "Category Name"

Step 4. Now Click on "Save" , Go to "Category" and See last , there you
will get alert box.