| Title | Vehicle Management System 1.0 Cross-site Scripting |
|---|
| Description | The extra-cost parameter in the billaction.php file of the Vehicle Management System is not strictly verified for user input, resulting in the input data can be combined with Sql statements, resulting in the user input information displayed on the page without filtering. As a result, Cross-site Scripting (XSS) exists. Attackers can exploit the vulnerability, threatening user security.
Source Download:https://itsourcecode.com/free-projects/php-project/vehicle-management-system-project-in-php-free-download/ |
|---|
| Source | ⚠️ https://github.com/FinleyTang/Vehicle-Management-System/blob/main/Vehicle%20Management%20System%20billaction.php%20has%20Cross-site%20Scripting%20(XSS).pdf |
|---|
| User | FinleyTang (UID 44196) |
|---|
| Submission | 12/13/2024 09:03 (2 years ago) |
|---|
| Moderation | 12/19/2024 08:58 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 288959 [itsourcecode Vehicle Management System 1.0 /billaction.php extra-cost cross site scripting] |
|---|
| Points | 20 |
|---|