Submeter #787671: SourceCodester Sales and Inventory System 1.0 Cross Site Scriptinginformação

TítuloSourceCodester Sales and Inventory System 1.0 Cross Site Scripting
DescriçãoA reflected cross-site scripting (XSS) vulnerability exists in Sales and Inventory System 1.0. The vulnerability is located in the index.php login page. The application fails to sanitize the GET parameter 'msg' before reflecting it in the response, allowing a remote attacker to execute arbitrary JavaScript in the victim's browser without authentication.
Fonte⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-Index-msg.md
Utilizador
 563742137abc (UID 95813)
Submissão25/03/2026 02h57 (há 17 dias)
Moderação08/04/2026 17h12 (15 days later)
EstadoDuplicado
Entrada VulDB354203 [SourceCodester Sales and Inventory System 1.0 Parameter index.php msg Script de Site Cruzado]
Pontos0

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!