Submeter #654067: PHPGurukul Car Rental Project V 3.0 a cross-site scripting (XSS)informação

TítuloPHPGurukul Car Rental Project V 3.0 a cross-site scripting (XSS)
DescriçãoDuring the security assessment of "Car Rental Project in PHP and Mysql", a cross-site scripting (XSS) vulnerability was identified in " /carrental/search.php". The vulnerability arises from insufficient sanitization of the "autofocus" parameter, which allows attackers to inject and execute malicious scripts in the browser of a victim visiting the affected page. Depending on the authentication requirements, this issue could affect both unauthenticated visitors and authenticated users, including administrators.
Fonte⚠️ https://github.com/tddgns/cve/issues/1
Utilizador
 tddgns (UID 90187)
Submissão14/09/2025 10h09 (há 7 meses)
Moderação21/09/2025 11h24 (7 days later)
EstadoAceite
Entrada VulDB325151 [PHPGurukul Car Rental Project 3.0 /carrental/search.php autofocus Script de Site Cruzado]
Pontos20

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!