Submit #472190: PHPGurukul Land Record System 0.1 Cross Site Scriptinginfo

TitlePHPGurukul Land Record System 0.1 Cross Site Scripting
DescriptionIn the directory '/landrecordsys/admin/aboutus.php' in admin account, there is an unrestricted cross-site scripting (XSS) stored vulnerability and injection attacks in the "Land Record System" system on the 'Page Description' parameter. This function will execute the user parameter without restriction. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. script: "><img src=x onerror=alert(document.location)>"</b>
Source⚠️ https://phpgurukul.com/land-record-system-using-php-and-mysql/
User
 Fergod (UID 55882)
Submission12/30/2024 17:24 (2 years ago)
Moderation12/31/2024 09:58 (17 hours later)
StatusAccepted
VulDB entry289833 [PHPGurukul Land Record System 1.0 /admin/aboutus.php Page Description cross site scripting]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!