| Title | CampCodes School Management Software 1.0 Stored Cross Site Scripting Vulnerability (XSS) |
|---|
| Description | Vulnerable Product URL: https://www.campcodes.com/downloads/school-management-software-in-php-mysql-full-source-code/
Vulnerability Name: Stored Cross Site Scripting (XSS) - Notice Module
Description:
The Notice Board Section of the Application is vulnerable to Stored Cross Site Scripting Vulnerability. Stored Cross-Site Scripting (XSS) is a type of web application vulnerability where an attacker injects malicious scripts into a web application, and the inserted scripts are stored on the server. When any user access the affected page, the stored script is executed in their browser at client side leading to unauthorised action.
Payload:
<img src=x onerror=alert(1)> |
|---|
| Source | ⚠️ https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf |
|---|
| User | lucifer26 (UID 80405) |
|---|
| Submission | 01/18/2025 14:20 (1 Year ago) |
|---|
| Moderation | 01/24/2025 11:05 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 293238 [CampCodes School Management Software 1.0 Notice Board Page /notice-list cross site scripting] |
|---|
| Points | 20 |
|---|