Headline
CVE-2022-2683: CVE_demo/Simple Food Ordering System-XSS.md at main · anx0ing/CVE_demo
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Food Ordering System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password with the input "><ScRiPt>alert(1)</sCrIpT> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205671.
Permalink
main
Switch branches/tags
Go to file
Go to file
Copy path
Copy permalink
anx0ing Create Simple Food Ordering System-XSS.md
Latest commit ff2d9e2 Aug 5, 2022
History
1 contributor
Users who have contributed to this file
Simple Food Ordering System-XSS Date: 2022-08/05 Exploit Author: [email protected] Vendor Homepage: Software Link: Version: 1.0 /login.php
43 lines (18 sloc) 603 Bytes
Raw Blame
Open in GitHub Desktop
- Open with Desktop
- View raw
- Copy raw contents
- View blame
Simple Food Ordering System-XSS****Date:
2022-08/05
Exploit Author:
Vendor Homepage:
https://www.sourcecodester.com
Software Link:
https://www.sourcecodester.com/php/15418/simple-food-ordering-system-client-side-phpmysqli-free-source-code.html
Version:
1.0
/login.php
email、passwordParameters have Cross Site Scripting(XSS)
POC
"><ScRiPt>alert(1)</sCrIpT>