Submeter #274372: COGITES eReserv v7.7.58 Reflected XSS (authenticated)informação

TítuloCOGITES eReserv v7.7.58 Reflected XSS (authenticated)
DescriçãoYou will have to authenticate to their demo online for the purpose of this PoC On admin panel (Authenticated): The "id=" parameter on tenancyDetail.php is vulnerable to reflected XSS. proof of concept: https://my.e-reserv.com/00000000ereservpro/front/admin/tenancyDetail.php?id=id=%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
Utilizador
 rubx (UID 62535)
Submissão28/01/2024 17h57 (há 2 anos)
Moderação29/01/2024 14h35 (21 hours later)
EstadoAceite
Entrada VulDB252303 [Cogites eReserv 7.7.58 tenancyDetail.php ID Script de Site Cruzado]
Pontos15

Want to stay up to date on a daily basis?

Enable the mail alert feature now!