Submeter #787669: SourceCodester Sales and Inventory System 1.0 Cross Site Scriptinginformação

TítuloSourceCodester Sales and Inventory System 1.0 Cross Site Scripting
DescriçãoA reflected cross-site scripting (XSS) vulnerability exists in Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file. The application fails to sanitize the GET parameter 'msg' before reflecting it in the response, allowing an authenticated attacker to execute arbitrary JavaScript in the victim's browser.
Fonte⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-AddSupplier-msg.md
Utilizador
 563742137abc (UID 95813)
Submissão25/03/2026 02h55 (há 16 dias)
Moderação08/04/2026 17h12 (15 days later)
EstadoDuplicado
Entrada VulDB354206 [SourceCodester Sales and Inventory System 1.0 Parameter add_supplier.php msg Script de Site Cruzado]
Pontos0

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!