CVE-2021-43141

Vendor

Description:

A Cross-Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application and users_application. An attacker can use an SQL injection authentication bypass to log in to the system's admin account, then abuse that account with stored XSS, and then use remote requests to hijack the PHPSESSID and exploit this account and the users in it through stored XSS. Conclusion: the status of this system is CRITICAL and awful, and its distribution must be stopped immediately!

Action:

Reproduce:

href

Proof and exploit:

href