| 제목 | CodeAstro Ecommerce Website in PHP MySQL 1.0 Stored Cross Site Scripting |
|---|
| 설명 | A stored Cross-Site Scripting (XSS) vulnerability in the Ecommerce Website in PHP MySQL with Source Code application allows attackers to inject arbitrary JavaScript into the username field. The malicious payload is stored in the database and is executed in the browser of any user who views the affected page, such as the home page after login. Successful exploitation could lead to session hijacking, account takeover, phishing, or other malicious actions in the context of the victim’s session. |
|---|
| 원천 | ⚠️ https://gist.github.com/0xSebin/bb6781e5977bda36610fda20861a5bbe |
|---|
| 사용자 | 0xSebin (UID 35195) |
|---|
| 제출 | 2025. 08. 09. AM 09:13 (11 개월 ago) |
|---|
| 모더레이션 | 2025. 08. 20. PM 12:57 (11 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 320770 [CodeAstro Ecommerce Website 1.0 Edit Your Account Page my_account.php?edit_account 사용자 이름 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|