Invia #103065: Young Entrepreneur E-Negosyo System v1.0 /bsenordering/index.php GET parameter category exists XSS vulnerabilityinformazioni

TitoloYoung Entrepreneur E-Negosyo System v1.0 /bsenordering/index.php GET parameter category exists XSS vulnerability
DescrizioneAn issue was discovered in Young Entrepreneur E-Negosyo System v1.0. There is a XSS vulnerability that it is possible to inject arbitrary JavaScript into the application's response via /bsenordering/index.php?category. Payload1:/bsenordering/index.php?category=<script>alert(222)</script>&q=product Payload2:/bsenordering/index.php?category=<script>alert(document.cookie)</script>&q=product
Fonte⚠️ https://github.com/2714925725/bug_report/blob/main/XSS-1.md
Utente
 mengleng (UID 43260)
Sottomissione18/03/2023 14:43 (3 anni fa)
Moderazione18/03/2023 20:57 (6 hours later)
StatoAccettato
Voce VulDB223371 [SourceCodester Young Entrepreneur E-Negosyo System 1.0 GET Parameter /bsenordering/index.php Classe cross site scripting]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you know our Splunk app?

Download it now for free!