| عنوان | PHPGurukul Car Rental Project V 3.0 a cross-site scripting (XSS) |
|---|
| الوصف | During the security assessment of "Car Rental Project in PHP and Mysql", a cross-site scripting (XSS) vulnerability was identified in " /carrental/search.php".
The vulnerability arises from insufficient sanitization of the "autofocus" parameter, which allows attackers to inject and execute malicious scripts in the browser of a victim visiting the affected page.
Depending on the authentication requirements, this issue could affect both unauthenticated visitors and authenticated users, including administrators. |
|---|
| المصدر | ⚠️ https://github.com/tddgns/cve/issues/1 |
|---|
| المستخدم | tddgns (UID 90187) |
|---|
| ارسال | 14/09/2025 10:09 AM (7 أشهر منذ) |
|---|
| الاعتدال | 21/09/2025 11:24 AM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 325151 [PHPGurukul Car Rental Project 3.0 /carrental/search.php autofocus البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|