Submeter #404874: SourceCodester Leads Manager Tool 1.0 Server-Side Request Forgeryinformação

TítuloSourceCodester Leads Manager Tool 1.0 Server-Side Request Forgery
DescriçãoAt add-leads.php, no validation or sanitization for user input enables an authenticated account to inject an iframe tag or something similar to include an src attribute exposing internal services.
Fonte⚠️ https://drive.google.com/file/d/145MSmCe7CJoKMXzJ0XJNRYPbHykxQLjX/view?usp=sharing
Utilizador
 dwgth4i (UID 74608)
Submissão09/09/2024 13h56 (há 2 anos)
Moderação09/09/2024 17h06 (3 hours later)
EstadoDuplicado
Entrada VulDB274065 [SourceCodester Leads Manager Tool 1.0 Add Leads /endpoint/add-leads.php leads_name/phone_number Script de Site Cruzado]
Pontos0

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!