Enviar #213203: courier management system suffer from cross site scripting(xss)información

Títulocourier management system suffer from cross site scripting(xss)
Descripción# Exploit Title: Courier Management System Suffer From Stored Cross Site Scripting(xss) # Exploit Author: Rohit Sharma (r0x5r) # Vendor Name: mayuri_k # Vendor Homepage: https://www.sourcecodester.com/php/16848/best-courier-management-system-project-php.html # Software Link: https://www.sourcecodester.com/php/16848/best-courier-management-system-project-php.html # Version: v1.0 # Tested on: window, xampp ,apache vulnerbailty description:- Courier Management System Suffer From Stored Cross Site Scripting(xss) vulnerability Vulnerable Parameters: action , id how to reproduce this vulnerabilty:- 1:- host this web on local host 2:- go to this url http://127.0.0.1/[web_name] 3:- enter username [email protected] and password suhit 4:- click on manage account >> in first name paste this "><img src=x onerror=alert(1)> >> in last name paste this "><img src=x onerror=alert(1)> >> click on save >> xss payload will popup
Fuente⚠️ https://github.com/rohit0x5/poc/blob/main/cve_2
Usuario
 rohit_12 (UID 34208)
Sumisión2023-09-26 18:46 (hace 3 años)
Moderación2023-09-29 18:18 (3 days later)
EstadoAceptado
Entrada de VulDB240941 [SourceCodester Best Courier Management System 1.0 Manage Account Page First Name secuencias de comandos en sitios cruzados]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!