| عنوان | SourceCodester Sales and Inventory System 1.0 Cross Site Scripting |
|---|
| الوصف | A reflected cross-site scripting (XSS) vulnerability exists in Sales and Inventory System 1.0. The vulnerability is located in the index.php login page. The application fails to sanitize the GET parameter 'msg' before reflecting it in the response, allowing a remote attacker to execute arbitrary JavaScript in the victim's browser without authentication. |
|---|
| المصدر | ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-Index-msg.md |
|---|
| المستخدم | 563742137abc (UID 95813) |
|---|
| ارسال | 25/03/2026 02:57 AM (25 أيام منذ) |
|---|
| الاعتدال | 08/04/2026 05:12 PM (15 days later) |
|---|
| الحالة | مكرر |
|---|
| إدخال VulDB | 354203 [SourceCodester Sales and Inventory System 1.0 Parameter index.php msg البرمجة عبر المواقع] |
|---|
| النقاط | 0 |
|---|