Submit #300037: SOURCECODESTER File Manager App 1.0 Stored XSS (Info)

Title: SOURCECODESTER File Manager App 1.0 Stored XSS
Description: The File Manager App is vulnerable to Stored Cross-Site Scripting (XSS) in /endpoint/add-file.php. This vulnerability arises from not sanitizing user inputs for fileTitle and fileUploader fields, allowing attackers to inject malicious JavaScript code. As demonstrated, submitting a file with a specially crafted fileTitle or fileUploader value can execute arbitrary JavaScript code, such as displaying an alert box. This highlights the necessity for stringent input validation and sanitization to prevent stored XSS vulnerabilities, thereby safeguarding the application and its users from potential malicious exploits.
Source: ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/STORED%20XSS%20add-file.php.md
User: nochizplz (UID 64302)
Submission: 17/03/2024 12:47 (2 years ago)
Moderation: 18/03/2024 17:06 (1 day later)
Status: Duplicate
VulDB entry: 243595 [SourceCodester File Manager App 1.0 endpoint/add-file.php uploadedFileName privilege escalation]
Points: 0
