[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

Submit #472186: phpgurukul Land Record System 1.0.0.00 Cross Site Scriptinginformação

Titlephpgurukul Land Record System 1.0.0.00 Cross Site Scripting
DescriptionIn the 'add-property.php' file, in the path '/landrecordsys/admin/add-property.php' an unrestricted Cross-Site Scripting (XSS) vulnerability and injection attacks exist in the "Land Record System" system, specifically targeting the 'Land Subtype' parameter. The function executes the user-supplied parameter without validation. Malicious attackers can leverage this vulnerability to access sensitive client information. script: <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a> The inserted payload is reflected in the path: '/landrecordsys/admin/manage-propertytype.php'
Source⚠️ https://phpgurukul.com/land-record-system-using-php-and-mysql/
User
 Havook (UID 71104)
Submission30/12/2024 17h11 (há 13 Dias)
Moderation31/12/2024 09h58 (17 hours later)
StatusAceite
VulDB Entry289830 [PHPGurukul Land Record System 1.0 /admin/add-property.php Land Subtype cross site scripting]
Points20

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!