提交 #166744: Performance Indicator System v1.0 /opils/admin/addproduct.php post form parameters prodname exists stored cross-site scripting vulnerability信息

标题Performance Indicator System v1.0 /opils/admin/addproduct.php post form parameters prodname exists stored cross-site scripting vulnerability
描述An issue was discovered in Performance Indicator System v1.0. There is a stored cross-site scripting vulnerability that it is possible to inject arbitrary JavaScript into the application's response via /opils/admin/addproduct.php post form parameters prodname. Payload:<script>alert(document.cookie)</script> Payload will trigger when a user visits on http://localhost/opils/admin/product.php
来源⚠️ https://github.com/wenwochunfeng/bugReport/blob/main/XSS.md
用户
 BaiXiJun (UID 48383)
提交2023-06-09 10時33分 (3 年前)
管理2023-06-09 14時39分 (4 hours later)
状态已接受
VulDB条目231163 [SourceCodester Performance Indicator System 1.0 /admin/addproduct.php prodname 跨网站脚本]
积分20

Do you want to use VulDB in your project?

Use the official API to access entries easily!