Submeter #472194: PHPGurukul Land Record System 00.0.0.1 Cross Site Scriptinginformação

TítuloPHPGurukul Land Record System 00.0.0.1 Cross Site Scripting
DescriçãoIn the directory '/landrecordsys/admin/admin-profile.php' in admin account, there is an unrestricted cross-site scripting (XSS) vulnerability and injection attacks in the "Land Record System" system on the 'Admin Name' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. script: "><img src=x onerror=alert(document.cookie)>"</b>
Fonte⚠️ https://phpgurukul.com/land-record-system-using-php-and-mysql/
Utilizador
 Fergod (UID 55882)
Submissão30/12/2024 17h29 (há 2 anos)
Moderação31/12/2024 09h58 (16 hours later)
EstadoAceite
Entrada VulDB289836 [PHPGurukul Land Record System 1.0 /admin/admin-profile.php Admin Name Script de Site Cruzado]
Pontos20

Do you need the next level of professionalism?

Upgrade your account now!