PHP Login System 2.0.1 - Cross-Site Scripting

msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

PT-2024-21393 · Unknown · Klik Socialmediawebsite

Name of the Vulnerable Software and Affected Versions: KLiK SocialMediaWebsite version 1.0.1 Description: A reflected cross-site scripting XSS vulnerability may allow remote attackers to execute arbitrary JavaScript in the web browser of a user. This can be achieved by including a malicious paylo...

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

PHP-Login-System Cross-Site Scripting Vulnerability

PHP-Login-System is a web application. A security vulnerability exists in PHP-Login-System version 2.0.1, which stems from a vulnerability that allows a remote attacker to execute arbitrary JavaScript - passwords in a user's web browser by including a malicious load in the validator parameter in...