Enviar #171083: Authenticated cross-site scripting vulnerability via first name parameter at addsuppliers.phpinformación

TítuloAuthenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php
Descripción## Summary: An Authenticated stored cross-site scripting vulnerability via first name parameter at addsuppliers.php inside the admin panel was discovered. ## Vendor: https://www.sourcecodester.com/php/16607/advance%C2%A0charity-management-system.html ## Download link: https://www.sourcecodester.com/sites/default/files/download/Aown-Shah/members.zip ## Version: v1.0 ## Proof of Concept: 1. Login as admin 2. Click on Add Users 3. Input [1] in First name field and other data in other respective fields 4. Click ADD 5. Click on dashboard 6. XSS Pop-up
Usuario
 kr1shna4garwal (UID 49100)
Sumisión2023-06-18 14:14 (hace 3 años)
Moderación2023-06-18 16:35 (2 hours later)
EstadoAceptado
Entrada de VulDB231807 [PuneethReddyHC online-shopping-system-advanced 1.0 addsuppliers.php First name secuencias de comandos en sitios cruzados]
Puntos17

Might our Artificial Intelligence support you?

Check our Alexa App!