Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS vulnerability in system management page #41

Closed
NKingpp opened this issue Jan 8, 2020 · 1 comment
Closed

XSS vulnerability in system management page #41

NKingpp opened this issue Jan 8, 2020 · 1 comment

Comments

@NKingpp
Copy link

NKingpp commented Jan 8, 2020

Hello, I found XSS vulnerability in the system management page。
1
This is the payload When I tested:
page:index.php
Param:c=new&m=set
ParamKey:mail
POSTData:
group=0&mail=&passwd=g00dPa%24%24w0rD&phone=555-666-0606&status=1&username=GRLpGpAGa
2

@TideSec
Copy link
Owner

TideSec commented Mar 5, 2020

是的,之前就已经发现了谢谢不过因为忙着开发新系统,所以也没修补。。

@TideSec TideSec closed this as completed Mar 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants