إرسال #472194: PHPGurukul Land Record System 00.0.0.1 Cross Site Scriptingالمعلومات

عنوانPHPGurukul Land Record System 00.0.0.1 Cross Site Scripting
الوصفIn the directory '/landrecordsys/admin/admin-profile.php' in admin account, there is an unrestricted cross-site scripting (XSS) vulnerability and injection attacks in the "Land Record System" system on the 'Admin Name' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. script: "><img src=x onerror=alert(document.cookie)>"</b>
المصدر⚠️ https://phpgurukul.com/land-record-system-using-php-and-mysql/
المستخدم
 Fergod (UID 55882)
ارسال30/12/2024 05:29 PM (2 سنوات منذ)
الاعتدال31/12/2024 09:58 AM (16 hours later)
الحالةتمت الموافقة
إدخال VulDB289836 [PHPGurukul Land Record System 1.0 /admin/admin-profile.php Admin Name البرمجة عبر المواقع]
النقاط20

Interested in the pricing of exploits?

See the underground prices here!