Invia #171083: Authenticated cross-site scripting vulnerability via first name parameter at addsuppliers.phpinformazioni

TitoloAuthenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php
Descrizione## Summary: An Authenticated stored cross-site scripting vulnerability via first name parameter at addsuppliers.php inside the admin panel was discovered. ## Vendor: https://www.sourcecodester.com/php/16607/advance%C2%A0charity-management-system.html ## Download link: https://www.sourcecodester.com/sites/default/files/download/Aown-Shah/members.zip ## Version: v1.0 ## Proof of Concept: 1. Login as admin 2. Click on Add Users 3. Input [1] in First name field and other data in other respective fields 4. Click ADD 5. Click on dashboard 6. XSS Pop-up
Utente
 kr1shna4garwal (UID 49100)
Sottomissione18/06/2023 14:14 (3 anni fa)
Moderazione18/06/2023 16:35 (2 hours later)
StatoAccettato
Voce VulDB231807 [PuneethReddyHC online-shopping-system-advanced 1.0 addsuppliers.php First name cross site scripting]
Punti17

Interested in the pricing of exploits?

See the underground prices here!