| Title | SourceCodester Inventory Management System 1.0 has a Persistent Cross Site Scripting vulnerability in suppliar_data.php |
|---|
| Description | https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory-Management-System-XSS.md
The link above is a detailed report on the issue.
Software
Software: Inventory Management System 1.0
Software Link: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html
Vulnerability Type: XSS
Attack Type: Remote
Vendor of Product: Sourcecodester
Description
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. SourceCodester Inventory Management System 1.0 has a Persistent Cross Site Scripting vulnerability in suppliar_data.php. The manipulation of the argument name or company leads to malicious JavaScript being rendered. Remote attackers can leverage this to affect any other users that visit that portion of the application. |
|---|
| Source | ⚠️ Stored XSS // <img src=x onerror=alert(1)> |
|---|
| User | error404unknown (UID 53361) |
|---|
| Submission | 2023-08-25 06:45 PM (3 years ago) |
|---|
| Moderation | 2023-08-26 05:51 PM (23 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 238153 [SourceCodester Inventory Management System 1.0 suppliar_data.php name/company cross site scripting] |
|---|
| Points | 17 |
|---|