| Título | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS) |
|---|
| Descrição | Vulnerable Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Stored Cross Site Scripting (XSS) - Notice Module
Description:
The Notice Board Section of the Application is vulnerable to Stored Cross Site Scripting Vulnerability. Stored Cross-Site Scripting (XSS) is a type of web application vulnerability where an attacker injects malicious scripts into a web application, and the inserted scripts are stored on the server. When any user access the affected page, the stored script is executed in their browser at client side leading to unauthorised action.
Payload:
<img src=x onerror=alert(1)> |
|---|
| Fonte | ⚠️ https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf |
|---|
| Utilizador | lucifer26 (UID 80405) |
|---|
| Submissão | 18/01/2025 14h20 (há 1 Ano) |
|---|
| Moderação | 24/01/2025 11h05 (6 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 293238 [CampCodes School Management Software 1.0 Notice Board Page /notice-list Nota Script de Site Cruzado] |
|---|
| Pontos | 20 |
|---|