Submit #592440: PHPGurukul Rail Pass Management System V1.0 Cross Site Scriptinginfo

TitelPHPGurukul Rail Pass Management System V1.0 Cross Site Scripting
BeschreibungDuring the security assessment of "Rail Pass Management System", I detected a critical Cross-Site Scripting vulnerability in the "/rpms/download-pass.php" file. This vulnerability is attributed to the insufficient sanitization and validation of user input for the "searchdata" parameter. This inadequacy enables attackers to inject malicious JavaScript payloads that execute within the context of the application domain. Consequently, attackers can compromise user accounts, steal sensitive information, and manipulate application functionality. Immediate corrective actions are essential to safeguard user security and maintain trust.
Quelle⚠️ https://github.com/kakalalaww/CVE/issues/9
Benutzer
 Jww0KA (UID 86269)
Einreichung07.06.2025 17:33 (vor 1 Jahr)
Moderieren10.06.2025 13:45 (3 days later)
StatusAkzeptiert
VulDB Eintrag311853 [PHPGurukul Rail Pass Management System 1.0 /rpms/download-pass.php searchdata Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Do you need the next level of professionalism?

Upgrade your account now!