| Название | code-projects Chat System 1 Cross Site Scripting |
|---|
| Описание | In the file '/admin/update_room.php' in admin account, there is an unrestricted cross-site scripting (XSS) stored vulnerability and injection attacks in the "Chat System" system on the 'name' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. |
|---|
| Источник | ⚠️ https://code-projects.org/chat-system-using-php-source-code/ |
|---|
| Пользователь | Fergod (UID 55882) |
|---|
| Представление | 28.12.2024 06:01 (1 Год назад) |
|---|
| Модерация | 28.12.2024 17:16 (11 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 289710 [code-projects Chat System 1.0 Chat Room Page /admin/update_room.php Имя межсайтовый скриптинг] |
|---|
| Баллы | 19 |
|---|