Title | code-projects farmacia-in-php v1.0 Cross Site Scripting |
---|
Description | There are unrestricted cross site scripting attacks and injection attacks in In pagamento.php of farmacia. The controllable parameters are as follows: total parameter. This function will execute the user parameter without restriction into the echo statement. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients |
---|
Source | ⚠️ https://github.com/5p4rk/cve/blob/main/xss.md |
---|
User | sp4rksec (UID 78357) |
---|
Submission | 11/28/2024 12:50 PM (7 days ago) |
---|
Moderation | 11/29/2024 04:38 PM (1 day later) |
---|
Status | Accepted |
---|
VulDB Entry | 286411 [code-projects Farmacia 1.0 /pagamento.php total cross site scripting] |
---|
Points | 18 |
---|