Submit #592440: PHPGurukul Rail Pass Management System V1.0 Cross Site Scripting

Title: PHPGurukul Rail Pass Management System V1.0 Cross Site Scripting
Description: During the security assessment of "Rail Pass Management System", I detected a critical Cross-Site Scripting vulnerability in the "/rpms/download-pass.php" file. This vulnerability is attributed to the insufficient sanitization and validation of user input for the "searchdata" parameter. This inadequacy enables attackers to inject malicious JavaScript payloads that execute within the context of the application domain. Consequently, attackers can compromise user accounts, steal sensitive information, and manipulate application functionality. Immediate corrective actions are essential to safeguard user security and maintain trust.
Source: https://github.com/kakalalaww/CVE/issues/9
User: Jww0KA (UID 86269)
Submission: 07.06.2025 17:33 (1 year ago)
Moderation: 10.06.2025 13:45 (3 days later)
Status: accepted
VulDB entry: 311853 [PHPGurukul Rail Pass Management System 1.0 /rpms/download-pass.php searchdata cross site scripting]
Points: 20
