| عنوان | code-projects.org Simple Content Management System in php 1.0 Cross Site Scripting |
|---|
| الوصف | A Stored XSS vulnerability exists in Simple Content Management System 1.0. The News Title field in /web/admin/welcome.php does not sanitize input before storing it in the database. The payload executes on /web/index.php for every visitor, allowing cookie theft and session hijacking. |
|---|
| المصدر | ⚠️ https://github.com/Xmyronn/simple-cms-stored-xss-news-title |
|---|
| المستخدم | imad alvi (UID 97088) |
|---|
| ارسال | 05/04/2026 03:22 AM (2 أشهر منذ) |
|---|
| الاعتدال | 13/04/2026 10:24 AM (8 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 357107 [code-projects Simple Content Management System 1.0 /web/admin/welcome.php News Title البرمجة عبر المواقع] |
|---|
| النقاط | 18 |
|---|