Gửi #156117: Personnel Property Equipment System v1.0 /PPES/admin/add_item.php POST parameter item_name exists stored cross-site scripting vulnerabilitythông tin

tiêu đềPersonnel Property Equipment System v1.0 /PPES/admin/add_item.php POST parameter item_name exists stored cross-site scripting vulnerability
Mô tảPersonnel Property Equipment System v1.0 has stored cross-site scripting. Vulnerability File: /PPES/admin/add_item.php POST parameter "item_name" exists stored cross-site scripting vulnerability. Payload: item_name=<script>alert(document.cookie)</script>&item_brand=2&item_serial=3&item_status=New&item_description=<p>4</p>&save= Payload will trigger when a user visits on http://localhost/PPES/admin/item.php
Nguồn⚠️ https://github.com/LeozhangCA/CVEReport/blob/main/StoredXSS.md
Người dùng
 LeoZhangCA (UID 46757)
Đệ trình13/05/2023 13:30 (cách đây 3 những năm)
Kiểm duyệt14/05/2023 09:44 (20 hours later)
Trạng tháiđược chấp nhận
Mục VulDB228972 [SourceCodester Personnel Property Equipment System 1.0 POST Parameter admin/add_item.php item_name Tập lệnh chéo trang]
điểm20

TrướcTổng QuanTiếp theo

Might our Artificial Intelligence support you?

Check our Alexa App!