| 제목 | code-projects Online Shop IN PHP, CSS, JavaScript, AND MYSQL 1.0 Cross Site Scripting |
|---|
| 설명 | In the `/view.php` file, an unrestricted Cross-Site Scripting (XSS) vulnerability and injection attacks exist, specifically targeting the `$name` and `$details` paremeters. The function echo the user-supplied parameter without validation. Malicious attackers can leverage this vulnerability to access sensitive client information. |
|---|
| 원천 | ⚠️ https://gist.github.com/th4s1s/fc65dafa7237cc66a18ef6005075c31b |
|---|
| 사용자 | lio346 (UID 79690) |
|---|
| 제출 | 2025. 01. 02. AM 09:49 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 01. 02. PM 07:05 (9 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 290104 [code-projects Online Shop 1.0 /view.php name/details 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 18 |
|---|