Gửi #599888: code-projects School Fees Payment System 1.0 Cross Site Scriptingthông tin

tiêu đềcode-projects School Fees Payment System 1.0 Cross Site Scripting
Mô tảDuring the security review of "School Fees Payment System", I discovered a Stored Cross-Site Scripting vulnerability in the "/fees.php" file. This vulnerability stems from insufficient user input validation of the 'transcation_remark' parameter, allowing attackers to inject malicious front-end code. Therefore, attackers can forge input values, thereby manipulating front-end code and performing the set behaviors in the user's browser, such as stealing the user's cookies. Immediate remedial measures are needed to ensure system security and protect data integrity.
Nguồn⚠️ https://github.com/tuooo/CVE/issues/17
Người dùng
 DS_Leo (UID 86084)
Đệ trình18/06/2025 19:25 (cách đây 1 Năm)
Kiểm duyệt21/06/2025 07:27 (3 days later)
Trạng tháiđược chấp nhận
Mục VulDB313581 [code-projects School Fees Payment System 1.0 /fees.php transcation_remark Tập lệnh chéo trang]
điểm20

Interested in the pricing of exploits?

See the underground prices here!