| Title | codeastro Online Railway Reservation System 1.0 Cross Site Scripting |
|---|
| Description | A Stored Cross-Site Scripting (Stored XSS) vulnerability was identified in the Online Railway Reservation System v1.0 product, specifically in the /admin/admin-add-employee.php and /admin/admin-update-employee.php components, provided by Codeastro. This vulnerability allows an attacker to inject and execute arbitrary code within the web application's context. |
|---|
| Source | ⚠️ https://github.com/CYB84/CVE_Writeup/blob/main/Online%20Railway%20Reservation%20System/Stored%20XSS.md |
|---|
| User | Raj Nandi (UID 73232) |
|---|
| Submission | 08/14/2024 18:56 (2 years ago) |
|---|
| Moderation | 08/14/2024 20:38 (2 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 274711 [CodeAstro Online Railway Reservation System 1.0 Update Employee Page admin-update-employee.php emp_fname /emp_lname /emp_nat_idno/emp_addr cross site scripting] |
|---|
| Points | 18 |
|---|