[] NeoSense
E X P L O I T S
title author type platform port cve id

Budget Management System 1.0 - 'Budget title' Stored XSS

Author: Jitendra Kumar Tripathi
type: webapps
platform: php
port: 
date_added: 2021-03-29 
date_updated: 2021-03-29 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
# Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS
# Exploit Author: Jitendra Kumar Tripathi
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html
# Version: 1
# Tested on Windows 10 + Xampp 8.0.3

XSS IMPACT:
1: Steal the cookie
2: User redirection to a malicious website

Vulnerable Parameters: Customer Details

*Steps to reproduce:*
 Add Budget Title
 Payload : <script>alert(1)</script>
 Reload the http://localhost/Budget%20Management%20System/index.php or update the budget , the xss will get triggered.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.