Submit #43066: Wedding Hall Booking System Exists Multiple Cross-Site Scripting Vulnerabilitiesinfo

Title	Wedding Hall Booking System Exists Multiple Cross-Site Scripting Vulnerabilities
Description	The Wedding Hall Booking System published in SourceCodester has multiple Cross-site scripting vulnerabilities. The system does not do anything with input and output. Attackers can construct malicious code to steal user and administrator cookies. Attackers can enter malicious code on Booking Form, index.php?page=contact_us, index.php?page=manage_account, /admin/?page=user and other pages to perform Cross-site scripting attacks, which will trigger on any output page.
Source	⚠️ https://github.com/Jamison2022/Wedding-Hall-Booking-System/blob/main/WHBS-XSS.md
User	Jamison (UID 30712)
Submission	08/06/2022 11:03 (4 years ago)
Moderation	08/06/2022 18:47 (8 hours later)
Status	Accepted
VulDB entry	205812 [SourceCodester Wedding Hall Booking System Contact Page /whbs/?page=contact_us Message cross site scripting]
Points	20

Do you want to use VulDB in your project?

Use the official API to access entries easily!