漏洞标题
PHPGurukul 教师主题分配管理系统 - 索引.php 跨站脚本
漏洞描述信息
在PHPGurukul教师主题分配管理系统1.0中发现了一个漏洞,并将其归为问题。该漏洞影响了文件index.php中的未知代码。通过输入<script>alert(5)</script>对参数searchdata进行操纵会导致跨站点脚本攻击。攻击可以通过远程启动。漏洞利用程序已公开发布,可以用于攻击。该漏洞的标识符为VDB-247342。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
PHPGurukul Teacher Subject Allocation Management System index.php cross site scripting
漏洞描述信息
A vulnerability has been found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument searchdata with the input <script>alert(5)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-247342 is the identifier assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Teacher Subject Allocation Management System 跨站脚本漏洞
漏洞描述信息
Teacher Subject Allocation Management System是教师科目分配管理系统。 PHPGurukul Teacher Subject Allocation Management System 1.0版本存在跨站脚本漏洞,该漏洞源于文件index.php存在跨站脚本(XSS)漏洞。
CVSS信息
N/A
漏洞类别
跨站脚本