Submeter #171083: Authenticated cross-site scripting vulnerability via first name parameter at addsuppliers.phpinformação

TítuloAuthenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php
Descrição## Summary: An Authenticated stored cross-site scripting vulnerability via first name parameter at addsuppliers.php inside the admin panel was discovered. ## Vendor: https://www.sourcecodester.com/php/16607/advance%C2%A0charity-management-system.html ## Download link: https://www.sourcecodester.com/sites/default/files/download/Aown-Shah/members.zip ## Version: v1.0 ## Proof of Concept: 1. Login as admin 2. Click on Add Users 3. Input [1] in First name field and other data in other respective fields 4. Click ADD 5. Click on dashboard 6. XSS Pop-up
Utilizador
 kr1shna4garwal (UID 49100)
Submissão18/06/2023 14h14 (há 3 anos)
Moderação18/06/2023 16h35 (2 hours later)
EstadoAceite
Entrada VulDB231807 [PuneethReddyHC online-shopping-system-advanced 1.0 addsuppliers.php First name Script de Site Cruzado]
Pontos17

Might our Artificial Intelligence support you?

Check our Alexa App!