| Titel | code-projects.org Simple Content Management System in php 1.0 Cross Site Scripting |
|---|
| Beschreibung | A Stored XSS vulnerability exists in Simple Content Management System 1.0. The News Title field in /web/admin/welcome.php does not sanitize input before storing it in the database. The payload executes on /web/index.php for every visitor, allowing cookie theft and session hijacking. |
|---|
| Quelle | ⚠️ https://github.com/Xmyronn/simple-cms-stored-xss-news-title |
|---|
| Benutzer | imad alvi (UID 97088) |
|---|
| Einreichung | 05.04.2026 03:22 (vor 2 Monaten) |
|---|
| Moderieren | 13.04.2026 10:24 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 357107 [code-projects Simple Content Management System 1.0 /web/admin/welcome.php News Title Cross Site Scripting] |
|---|
| Punkte | 18 |
|---|