2 matches found
CVE-2023-1042 SourceCodester Online Pet Shop We App update_status.php cross site scripting
A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /petshop/admin/orders/updatestatus.php. The manipulation of the argument oid with the input 1"alert1111 leads to cross site scripting. The...
CVE-2023-1042
SourceCodester Online Pet Shop We App 1.0 is affected via /pet_shop/admin/orders/update_status.php, where the oid parameter can be manipulated (e.g., 1">) to trigger cross-site scripting. Exploitation appears remote and widely disclosed. Affected component is the update_status endpoint; root c...