Enviar #71511: Online Food Ordering System V2 - Persistent XSSinformación

TítuloOnline Food Ordering System V2 - Persistent XSS
Descripción# Exploit Title: Online Food Ordering System V2 - Persistent XSS # Exploit Author: Krutika Thakur # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html # Software Link: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html # Version: v2.0 # Tested on: Windows 11, Apache Description: A Persistent XSS issue in Online Food Ordering System V2 allows to inject Arbitrary JavaScript in "Category" Parameter. Parameter: Category Form = Category Payload: "><script>prompt(1)</script> Steps: 1) Login as a Admin user 2) Now in that we can see an tab named "Category List" in that go to "Category" 3) The Parameter "Reason" in this we put our payload. Payload: "><script>prompt(1)</script>
Usuario
 lucifoxer001 (UID 33693)
Sumisión2023-01-12 20:26 (hace 3 años)
Moderación2023-01-12 22:20 (2 hours later)
EstadoAceptado
Entrada de VulDB218186 [SourceCodester Online Food Ordering System 2.0 Category List Razón secuencias de comandos en sitios cruzados]
Puntos17

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!