Submeter #674483: https://code-projects.org/e-commerce-website-in-php-with-source- E-COMMERCE WEBSITE V1.0 Stored/Persistent XSSinformação

Títulohttps://code-projects.org/e-commerce-website-in-php-with-source- E-COMMERCE WEBSITE V1.0 Stored/Persistent XSS
DescriçãoDuring the security assessment of "E-COMMERCE WEBSITE", I detected a critical stored cross-site scripting vulnerability in the "/Electricks-shop/pages/supplier_add.php" file. This vulnerability occurs due to inadequate input sanitization for user-controllable data that is stored and later displayed without proper output encoding. Attackers can inject malicious scripts that remain on the server and execute automatically when legitimate users browse the affected pages. This can result in unauthorized actions being performed on behalf of authenticated users, theft of sensitive information, and complete compromise of user sessions. Immediate remediation is required to prevent widespread impact.
Fonte⚠️ https://figshare.com/s/b35b6f6f6a10d8fdc131?file=58703836
Utilizador
 YYJ_0815 (UID 91605)
Submissão14/10/2025 03h51 (há 8 meses)
Moderação27/10/2025 13h38 (13 days later)
EstadoAceite
Entrada VulDB330120 [code-projects E-Commerce Website 1.0 /pages/supplier_add.php supp_name/supp_address Script de Site Cruzado]
Pontos20

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!