제출 #34400: School Club Application System (SCAS) 1.0 - Cross-Site Scripting Reflected정보

제목School Club Application System (SCAS) 1.0 - Cross-Site Scripting Reflected
설명# Exploit Title: School Club Application System (SCAS) 1.0 - Cross-Site Scripting Reflected # Date: 2022-04-09 # Exploit Author: Mr Empy # Software Link: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html # Version: 1.0 # Tested on: Linux Title: ================ School Club Application System (SCAS) 1.0 - Cross-Site Scripting Reflected Summary: ================ School Club Application System (SCAS) in version 1.0 is affected by Cross-site Scripting vulnerability due to poor hygiene in a certain parameter. The attacker could take advantage of this flaw to inject arbitrary javascript code to manipulate the victim's browser capabilities. Severity Level: ================ 6.5 (Medium) CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Product: ================ School Club Application System v1.0 Steps to Reproduce: ================ URL: http://target.com/scas/admin/?page=%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E
원천⚠️ https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html?
사용자
 mrempy (UID 24379)
제출2022. 04. 09. PM 05:37 (4 연령 ago)
모더레이션2022. 04. 09. PM 08:20 (3 hours later)
상태수락
VulDB 항목196751 [School Club Application System 1.0 /scas/admin/ page 크로스 사이트 스크립팅]
포인트들20

이전개요다음

Want to know what is going to be exploited?

We predict KEV entries!