Building environment:Apache2.4.49;MySQL5.7.26;PHP7.3.4
Movie Ticket Booking System-PHP-There is a storage XSS vulnerability
At editBooking In PHP, from the 63rd line of code to the 70th line of code, the content entered by the user is directly stored in the database without filtering, and then displayed and processed in view.php, and then viewed In PHP, from line 91 to line 101, the content input by the front end is directly output without any tag closing
POC:
ace<script>alert(document.cookie)</script>
The text was updated successfully, but these errors were encountered:
Building environment:Apache2.4.49;MySQL5.7.26;PHP7.3.4
Movie Ticket Booking System-PHP-There is a storage XSS vulnerability
At editBooking In PHP, from the 63rd line of code to the 70th line of code, the content entered by the user is directly stored in the database without filtering, and then displayed and processed in view.php, and then viewed In PHP, from line 91 to line 101, the content input by the front end is directly output without any tag closing
POC:
The text was updated successfully, but these errors were encountered: