| Title | Sanitization Management System v1.0 Stored Cross Site Scripting |
|---|---|
| Description | In Sanitization Management System v1.0, several parameters do not have sufficient input sanitization mechanisms which led to successful execution of cross-site scripting payloads.<br>Affected parameters:<br>1. name (Endpoint: /php-sms/classes/SystemSettings.php)<br>2. shortname (Endpoint: /php-sms/classes/SystemSettings.php)<br>3. message (Endpoint: /php-sms/classes/Master.php)<br>Affected Sink:<br>1. Entire application for /php-sms/classes/SystemSettings.php<br>2. /php-sms/admin/?page=inquiries/view_inquiry for /php-sms/classes/Master.php<br>References:<br>https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html |
| User | jiajian (UID 34329) |
| Submission | 2022-10-23 06:59 PM (3 years ago) |
| Moderation | 2022-10-24 07:40 AM (13 hours later) |
| Status | Accepted |
| VulDB entry | 212015 [SourceCodester Sanitization Management System 1.0 SystemSettings.php name/shortname cross site scripting] |
| Points | 17 |