| 标题 | code-projects online-exam-mastering-system-php 1.0 Cross Site Scripting |
|---|
| 描述 | In sign.php and account.php .There are unrestricted cross site scripting attacks and injection attacks in the online-exam-mastering-system-php. The controllable parameters are as follows: nome parameter. This function will execute the user parameter without restriction into the echo statement. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients |
|---|
| 来源 | ⚠️ https://hackmd.io/@salt9487/BJpKplmrJe |
|---|
| 用户 | salt9487 (UID 78778) |
|---|
| 提交 | 2024-12-20 15時46分 (1 年前) |
|---|
| 管理 | 2024-12-21 10時00分 (18 hours later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 289153 [code-projects Online Exam Mastering System 1.0 /sign.php?q=account.php name/gender/college 跨网站脚本] |
|---|
| 积分 | 19 |
|---|