| 标题 | code-projects simple-crud-functionality-in-php 1.0 Cross Site Scripting |
|---|
| 描述 | there are unrestricted cross site scripting attacks and injection attacks in the simple-crud-functionality-in-php in index.php. The controllable parameters are as follows: descr parameter and title parameter. This function will execute the user parameter without restriction into the echo statement. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients. |
|---|
| 来源 | ⚠️ https://github.com/LamentXU123/cve/blob/main/xss3.md |
|---|
| 用户 | LamentXU (UID 78142) |
|---|
| 提交 | 2024-12-03 15時35分 (2 年前) |
|---|
| 管理 | 2024-12-05 09時47分 (2 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 286978 [code-projects Simple CRUD Functionality 1.0 /index.php newtitle/newdescr 跨网站脚本] |
|---|
| 积分 | 19 |
|---|