| Title | SourceCodester Online Student Clearance System using PHP and MySQL 1.0 Basic Cross Site Scripting |
|---|
| Description | Product: Online Student Clearance System using PHP and MySQL
Version: Submitted by Senior Walter on Wednesday, April 23, 2025 - 14:09
The page http://localhost/student_clearance_system_Aurthur_Javis/Admin/add-fee.php contains a XSS vulnerability in the Amount (NGN) field (parameter: txtamt). By inserting the payload "><script>alert('XSS')</script>" proves the parameter is unsanitised from user's input. It is recommended to sanitise the user's input. |
|---|
| User | snoopyloopyme (UID 86301) |
|---|
| Submission | 06/08/2025 04:10 (1 Year ago) |
|---|
| Moderation | 06/10/2025 18:05 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 311899 [SourceCodester Online Student Clearance System 1.0 /Admin/add-fee.php txtamt cross site scripting] |
|---|
| Points | 17 |
|---|