Enviar #472194: PHPGurukul Land Record System 00.0.0.1 Cross Site Scriptinginformación

TítuloPHPGurukul Land Record System 00.0.0.1 Cross Site Scripting
DescripciónIn the directory '/landrecordsys/admin/admin-profile.php' in admin account, there is an unrestricted cross-site scripting (XSS) vulnerability and injection attacks in the "Land Record System" system on the 'Admin Name' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. script: "><img src=x onerror=alert(document.cookie)>"</b>
Fuente⚠️ https://phpgurukul.com/land-record-system-using-php-and-mysql/
Usuario
 Fergod (UID 55882)
Sumisión2024-12-30 17:29 (hace 2 años)
Moderación2024-12-31 09:58 (16 hours later)
EstadoAceptado
Entrada de VulDB289836 [PHPGurukul Land Record System 1.0 /admin/admin-profile.php Admin Name secuencias de comandos en sitios cruzados]
Puntos20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!