Jewelry Shop Management System - Multiple XSS
2023-12-11 06:31:42 Author: cxsecurity.com(查看原文) 阅读量:6 收藏

# Title : Jewelry Shop Management System - Multiple XSS # Author : @Eawhitehat - Eren Arslan # Demo available : https://www.sourcecodester.com/php/15426/jewelry-shop-management-system-php-using-codeigniter-free-source-code.html # CVE: N/A # Screenshot : https://prnt.sc/K5qLLCel2J2j Used Payload : "><script>(/eawhitehat is here/)</script> Admin account : Email: [email protected] Password: nurhodelta Method : Connect to panel : http://localhost/app/ #Vulnerabîlity After login with 1. Go to your profile by clicking on your account in the upper right corner 2. Click on "Profile". 3. Edit your information on the first category 4. Enter the payload "><script>(/Hey Hoy/)</script> 5. Save and the payload will be loaded Enjoy !


文章来源: https://cxsecurity.com/issue/WLB-2023120022
如有侵权请联系:admin#unsafe.sh