提出 #171083: Authenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php情報

タイトルAuthenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php
説明## Summary: An Authenticated stored cross-site scripting vulnerability via first name parameter at addsuppliers.php inside the admin panel was discovered. ## Vendor: https://www.sourcecodester.com/php/16607/advance%C2%A0charity-management-system.html ## Download link: https://www.sourcecodester.com/sites/default/files/download/Aown-Shah/members.zip ## Version: v1.0 ## Proof of Concept: 1. Login as admin 2. Click on Add Users 3. Input [1] in First name field and other data in other respective fields 4. Click ADD 5. Click on dashboard 6. XSS Pop-up
ユーザー
 kr1shna4garwal (UID 49100)
送信2023年06月18日 14:14 (3 年 ago)
モデレーション2023年06月18日 16:35 (2 hours later)
ステータス承諾済み
VulDBエントリ231807 [PuneethReddyHC online-shopping-system-advanced 1.0 addsuppliers.php First name クロスサイトスクリプティング]
ポイント17

Want to stay up to date on a daily basis?

Enable the mail alert feature now!