Invia #836289: SourceCodester Inventory System using PHP and MySQL Source Code 1.0 Cross Site Scriptinginformazioni

TitoloSourceCodester Inventory System using PHP and MySQL Source Code 1.0 Cross Site Scripting
Descrizionehe fullname and username input fields fail to sanitize or encode user-supplied input before storing it in the database. When an administrator visits the User Management page (users.php), the unsanitized payloads are rendered directly in the HTML context, causing immediate JavaScript execution in the admin's browser session.
Fonte⚠️ https://github.com/Xmyronn/Stored-XSS-in-Inventory-System-using-PHP-and-MySQL.git
Utente
 imad alvi (UID 97088)
Sottomissione24/05/2026 01:53 (2 mesi fa)
Moderazione07/06/2026 18:01 (15 days later)
StatoAccettato
Voce VulDB369138 [SourceCodester Inventory System 1.0 User Management Page /users.php fullname/username cross site scripting]
Punti19

Do you want to use VulDB in your project?

Use the official API to access entries easily!