إرسال #51065: Unauthenticated Cross Site Scripting Vulnerability in Sanitization Management Systemالمعلومات

عنوانUnauthenticated Cross Site Scripting Vulnerability in Sanitization Management System
الوصفThe Sanitization Management System distributed by sourcecodester.com (https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html) is vulnerable to unauthenticated Cross Site Scripting (php-sms/?p=request_quote). An attacker can craft a malicious Quote Request where both the Address and the Remarks Input Fields can be abused. Since the cookie does not have the HttpOnly flag it can be stolen whenever a logged-in user opens the Request in the Management Dashboard.
المستخدم
 maikroservice (UID 35150)
ارسال05/11/2022 11:37 AM (4 سنوات منذ)
الاعتدال11/11/2022 08:18 AM (6 days later)
الحالةتمت الموافقة
إدخال VulDB213449 [SourceCodester Sanitization Management System 1.0 Quote Requests Form php-sms/?p=request_quote البرمجة عبر المواقع]
النقاط17

Do you want to use VulDB in your project?

Use the official API to access entries easily!