| عنوان | SourceCodester Inventory System using PHP and MySQL Source Code 1.0 Cross Site Scripting |
|---|
| الوصف | he fullname and username input fields fail to sanitize or encode user-supplied input before storing it in the database. When an administrator visits the User Management page (users.php), the unsanitized payloads are rendered directly in the HTML context, causing immediate JavaScript execution in the admin's browser session. |
|---|
| المصدر | ⚠️ https://github.com/Xmyronn/Stored-XSS-in-Inventory-System-using-PHP-and-MySQL.git |
|---|
| المستخدم | imad alvi (UID 97088) |
|---|
| ارسال | 24/05/2026 01:53 AM (16 أيام منذ) |
|---|
| الاعتدال | 07/06/2026 06:01 PM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 369138 [SourceCodester Inventory System 1.0 User Management Page /users.php fullname/username البرمجة عبر المواقع] |
|---|
| النقاط | 19 |
|---|