Submission #300037: SOURCECODESTER File Manager App 1.0 Stored XSS

Title: SOURCECODESTER File Manager App 1.0 Stored XSS
Description: The File Manager App is vulnerable to Stored Cross-Site Scripting (XSS) in /endpoint/add-file.php. This vulnerability arises from not sanitizing user inputs for fileTitle and fileUploader fields, allowing attackers to inject malicious JavaScript code. As demonstrated, submitting a file with a specially crafted fileTitle or fileUploader value can execute arbitrary JavaScript code, such as displaying an alert box. This highlights the necessity for stringent input validation and sanitization to prevent stored XSS vulnerabilities, thereby safeguarding the application and its users from potential malicious exploits.
Source: https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/STORED%20XSS%20add-file.php.md
User: nochizplz (UID 64302)
Submitted: 2024. 03. 17. PM 12:47 (2 years ago)
Moderation: 2024. 03. 18. PM 05:06 (1 day later)
Status: Duplicate
VulDB entry: 243595 [SourceCodester File Manager App 1.0 endpoint/add-file.php uploadedFileName privilege escalation]
Points: 0