Отправить #171083: Authenticated cross-site scripting vulnerability via first name parameter at addsuppliers.phpИнформация

НазваниеAuthenticated cross-site scripting vulnerability via first name parameter at addsuppliers.php
Описание## Summary: An Authenticated stored cross-site scripting vulnerability via first name parameter at addsuppliers.php inside the admin panel was discovered. ## Vendor: https://www.sourcecodester.com/php/16607/advance%C2%A0charity-management-system.html ## Download link: https://www.sourcecodester.com/sites/default/files/download/Aown-Shah/members.zip ## Version: v1.0 ## Proof of Concept: 1. Login as admin 2. Click on Add Users 3. Input [1] in First name field and other data in other respective fields 4. Click ADD 5. Click on dashboard 6. XSS Pop-up
Пользователь
 kr1shna4garwal (UID 49100)
Представление18.06.2023 14:14 (3 лет назад)
Модерация18.06.2023 16:35 (2 hours later)
Статуспринято
Запись VulDB231807 [PuneethReddyHC online-shopping-system-advanced 1.0 addsuppliers.php First name межсайтовый скриптинг]
Баллы17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!