| 제목 | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS) |
|---|
| 설명 | Vulnerable Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Stored Cross Site Scripting (XSS) - Notice Module
Description:
The Notice Board Section of the Application is vulnerable to Stored Cross Site Scripting Vulnerability. Stored Cross-Site Scripting (XSS) is a type of web application vulnerability where an attacker injects malicious scripts into a web application, and the inserted scripts are stored on the server. When any user access the affected page, the stored script is executed in their browser at client side leading to unauthorised action.
Payload:
<img src=x onerror=alert(1)> |
|---|
| 원천 | ⚠️ https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf |
|---|
| 사용자 | lucifer26 (UID 80405) |
|---|
| 제출 | 2025. 01. 18. PM 02:20 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 01. 24. AM 11:05 (6 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 293238 [CampCodes School Management Software 1.0 Notice Board Page /notice-list 알림 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|