| 标题 | PHPGurukul Taxi Stand Management System 1.0 Cross Site Scripting |
|---|
| 描述 | A Stored Cross-Site Scripting (XSS) vulnerability exists in the adminname field of the Time Table Generator System.
Malicious JavaScript can be injected via POST to /admin/admin-profile.php, and the script will execute when an admin views their own profile.
|
|---|
| 来源 | ⚠️ https://github.com/LagonGit/ReportCVE/issues/7 |
|---|
| 用户 | Longlagon (UID 88119) |
|---|
| 提交 | 2025-07-20 06時02分 (8 月前) |
|---|
| 管理 | 2025-07-21 09時40分 (1 day later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 317083 [PHPGurukul Taxi Stand Management System 1.0 /admin/admin-profile.php adminname 跨网站脚本] |
|---|
| 积分 | 18 |
|---|