Submit #475287: code-projects Online Book Shop 1.0 Cross Site Scriptinginfo

Titlecode-projects Online Book Shop 1.0 Cross Site Scripting
DescriptionIn the /subcat.php file, an unrestricted Cross-Site Scripting (XSS) vulnerability and injection attacks exist, specifically targeting the $catnm paremeter. The function echo the user-supplied parameter without validation. Malicious attackers can leverage this vulnerability to access sensitive client information.
Source⚠️ https://gist.github.com/th4s1s/03262c6ce877137b61d745a2e4fe8a63
User
 lio346 (UID 79690)
Submission01/06/2025 09:56 AM (4 months ago)
Moderation01/07/2025 08:51 AM (23 hours later)
StatusAccepted
VulDB Entry290450 [code-projects Online Book Shop 1.0 /subcat.php catnm cross site scripting]
Points19

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!