| عنوان | PHPJABBERS Restaurant Menu Maker V1.1 Cross Site Scripting |
|---|
| الوصف | During the security assessment of "Restaurant Menu Maker Project", I detected a critical Cross-Site Scripting vulnerability in the "preview.php" file. The vulnerability occurs when user-controlled input from the "theme" parameter is reflected in the web page without proper output encoding. This allows attackers to craft malicious URLs containing JavaScript payloads that will be executed when victims visit the compromised page. |
|---|
| المصدر | ⚠️ https://github.com/485961590/CVE/issues/1 |
|---|
| المستخدم | nyxswl (UID 90273) |
|---|
| ارسال | 16/09/2025 11:04 AM (7 أشهر منذ) |
|---|
| الاعتدال | 21/09/2025 06:14 PM (5 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 325184 [PHPJabbers Restaurant Menu Maker حتى 1.1 /preview.php theme البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|