| Title | code-projects Chat System 1 Cross Site Scripting |
|---|
| Description | In the file '/admin/update_room.php' in admin account, there is an unrestricted cross-site scripting (XSS) stored vulnerability and injection attacks in the "Chat System" system on the 'name' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. |
|---|
| Source | ⚠️ https://code-projects.org/chat-system-using-php-source-code/ |
|---|
| User | Fergod (UID 55882) |
|---|
| Submission | 12/28/2024 06:01 (1 Year ago) |
|---|
| Moderation | 12/28/2024 17:16 (11 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 289710 [code-projects Chat System 1.0 Chat Room Page /admin/update_room.php Name cross site scripting] |
|---|
| Points | 19 |
|---|