| عنوان | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS) |
|---|
| الوصف | Vulnerable Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Stored Cross Site Scripting (XSS) - Notice Module
Description:
The Notice Board Section of the Application is vulnerable to Stored Cross Site Scripting Vulnerability. Stored Cross-Site Scripting (XSS) is a type of web application vulnerability where an attacker injects malicious scripts into a web application, and the inserted scripts are stored on the server. When any user access the affected page, the stored script is executed in their browser at client side leading to unauthorised action.
Payload:
<img src=x onerror=alert(1)> |
|---|
| المصدر | ⚠️ https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf |
|---|
| المستخدم | lucifer26 (UID 80405) |
|---|
| ارسال | 18/01/2025 02:20 PM (1 سنة منذ) |
|---|
| الاعتدال | 24/01/2025 11:05 AM (6 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 293238 [CampCodes School Management Software 1.0 Notice Board Page /notice-list إشعار البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|