I was searching for an LMS (Learning Management System), which is like a CMS (Content Management System) but specifically designed for managing courses. During my search, I came across "Academy LMS 6.0". I purchased this product and decided to test it for vulnerabilities before uploading my courses and deploying it on my site.
Code Analysis
In application > controllers > Home.php, we found the search function on line 855; on lines 858-865, the input is checked for XSS payloads.
Vulnerable Code
These checks only test whether $_GET['query'] contains a double quote (") and the string script.
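An added example (not code from Academy LMS or from the original post) contrasting a blacklist of the kind described above with output encoding at render time. The function names and the reading that either token alone triggers rejection are assumptions, and the sample inputs are constructed.

```php
<?php
// Added example; hypothetical names, not Academy LMS source code.

// Assumed shape of the check described above: reject the query only when it
// contains a double quote or the substring "script" (case-insensitive).
function blacklist_rejects(string $query): bool
{
    return strpos($query, '"') !== false || stripos($query, 'script') !== false;
}

// Output encoding for an HTML body or quoted-attribute context. ENT_QUOTES
// encodes both quote characters; ENT_SUBSTITUTE replaces invalid UTF-8
// sequences instead of returning an empty string.
function encode_for_html(string $query): string
{
    return htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs: harmless markup only.
$samples = [
    'php basics',               // ordinary search term
    "<u class='x'>php</u>",     // markup containing neither blacklisted token
    '<u class="x">php</u>',     // same markup written with double quotes
];

foreach ($samples as $query) {
    printf(
        "%-24s rejected=%-4s encoded=%s\n",
        $query,
        blacklist_rejects($query) ? 'yes' : 'no',
        encode_for_html($query)
    );
}
```

The second sample passes the blacklist with its markup intact, so a reflected search term would still be parsed as HTML, while the encoded form is rendered as text for every input.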