Submit #787661: SourceCodester Sales and Inventory System 1.0 Cross Site Scriptinginfo

TitleSourceCodester Sales and Inventory System 1.0 Cross Site Scripting
DescriptionA reflected cross-site scripting (XSS) vulnerability exists in Sales and Inventory System 1.0. The vulnerability is located in the add_customer.php file. The application fails to sanitize the GET parameter 'msg' before reflecting it in the response, allowing an authenticated attacker to execute arbitrary JavaScript in the victim's browser.
Source⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-AddCustomer-msg.md
User
 563742137abc (UID 95813)
Submission03/25/2026 02:33 (16 days ago)
Moderation04/08/2026 17:11 (15 days later)
StatusDuplicate
VulDB entry354208 [SourceCodester Sales and Inventory System 1.0 Parameter add_customer.php msg cross site scripting]
Points0

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!