Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrMohamedabdelhady93383CFED62-AF8B-4AAA-94F2-5A33DC0C2D69
HistoryDec 19, 2022 - 4:03 p.m.

Stored XSS in admin panel (users page)

2022-12-1916:03:24
mohamedabdelhady933
www.huntr.dev
10
stored xss
admin panel
users page
name input
bug bounty

EPSS

0.001

Percentile

20.0%

JSON

Description

Stored XSS in admin panel in users page via inject XSS payload in Name input field by any user to affect the admin panel

Proof of Concept

https://drive.google.com/file/d/1EsYq3R6GRAdEbpZxp2RwQwGr4G8fJGB7/view?usp=sharing

Related

osv 2
prion 1
cnvd 1
veracode 1
cve 1
nvd 1
github 1
cvelist 1
openvas 1
osv
osv
phpMyFAQ Stored Cross-site Scripting vulnerability
2023-01-16 00:30:25
CVE-2023-0308
2023-01-15 22:15:10
prion
prion
Cross site scripting
2023-01-15 22:15:00
cnvd
cnvd
phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04318)
2023-01-16 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2023-01-26 08:34:25
cve
cve
CVE-2023-0308
2023-01-15 22:15:10
nvd
nvd
CVE-2023-0308
2023-01-15 22:15:10
github
github
phpMyFAQ Stored Cross-site Scripting vulnerability
2023-01-16 00:30:25
cvelist
cvelist
CVE-2023-0308 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2023-01-15 00:00:00
openvas
openvas
phpMyFAQ < 3.1.10 Multiple Vulnerabilities
2023-01-16 00:00:00

EPSS

0.001

Percentile

20.0%

JSON
Related for 83CFED62-AF8B-4AAA-94F2-5A33DC0C2D69
osv2prion1cnvd1veracode1cve1nvd1github1cvelist1openvas1