Отправить #157114: Guest Management System v1.0 /guestmanagement/dateTest.php GET parameter name exists reflected cross-site scripting vulnerabilityИнформация

НазваниеGuest Management System v1.0 /guestmanagement/dateTest.php GET parameter name exists reflected cross-site scripting vulnerability
ОписаниеGuest Management System v1.0 has reflected cross-site scripting vulnerability. Vulnerability File: /guestmanagement/dateTest.php GET parameter "name" exists reflected cross-site scripting vulnerability. Payload: /guestmanagement/dateTest.php?name="><script>alert(document.cookie)</script>&name1=Submit The js code is successfully executed and the cookie value is returned, which proves that there is a reflected cross-site scripting vulnerability.
Источник⚠️ https://github.com/xryj920/CVE/blob/main/XSS.md
Пользователь
 DRXYJ (UID 46872)
Представление16.05.2023 15:41 (3 лет назад)
Модерация16.05.2023 18:14 (3 hours later)
Статуспринято
Запись VulDB229160 [SourceCodester Guest Management System 1.0 GET Parameter dateTest.php Имя межсайтовый скриптинг]
Баллы20

ПредыдущийОбзорДалее

Do you want to use VulDB in your project?

Use the official API to access entries easily!