Súbít #691622: ecommerce-website-master web 1 XSS vulnerabilitybayani

Kuraecommerce-website-master web 1 XSS vulnerability
GaskiyaThe ecommerce-website-master project contains a reflected Cross-Site Scripting (XSS) vulnerability in includes/header_menu.php. The error GET parameter is output without proper encoding, allowing injection of arbitrary JavaScript. PoC: http://localhost/ecommerce-website-master/includes/header_menu.php?error=<script>alert('xss')</script> Impact: Remote attacker can execute JavaScript in victims’ browsers.
Manga⚠️ https://github.com/dream357/report/blob/main/ecommerce-website.docx
Màdùmga
 dream123 (UID 92387)
Furta11/08/2025 15:59 (3 Wurɗi 전)
Gargajiya11/29/2025 21:55 (21 days later)
HalittaShingilam
VulDB gite333797 [winston-dsouza Ecommerce-Website har 87734c043269baac0b4cfe9664784462138b1b2e GET Parameter header_menu.php Kushe Cross Site Scripting]
Nganji20

GurɗoGumtiGada

Want to stay up to date on a daily basis?

Enable the mail alert feature now!