| Название | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS) |
|---|
| Описание | Vulnerable Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Stored Cross Site Scripting (XSS) - Notice Module
Description:
The Notice Board Section of the Application is vulnerable to Stored Cross Site Scripting Vulnerability. Stored Cross-Site Scripting (XSS) is a type of web application vulnerability where an attacker injects malicious scripts into a web application, and the inserted scripts are stored on the server. When any user access the affected page, the stored script is executed in their browser at client side leading to unauthorised action.
Payload:
<img src=x onerror=alert(1)> |
|---|
| Источник | ⚠️ https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf |
|---|
| Пользователь | lucifer26 (UID 80405) |
|---|
| Представление | 18.01.2025 14:20 (1 Год назад) |
|---|
| Модерация | 24.01.2025 11:05 (6 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 293238 [CampCodes School Management Software 1.0 Notice Board Page /notice-list Уведомление межсайтовый скриптинг] |
|---|
| Баллы | 20 |
|---|