DATABASE RESOURCES PRICING ABOUT US

{"id": "1337DAY-ID-37508", "vendorId": null, "type": "zdt", "bulletinFamily": "exploit", "title": "Inventory Management System 1.0 Cross Site Scripting Vulnerability", "description": "", "published": "2022-03-23T00:00:00", "modified": "2022-03-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/37508", "reporter": "Hejap Zairy", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-06-07T20:09:03", "viewCount": 83, "enchantments": {"vulnersScore": "PENDING"}, "_state": {}, "_internal": {}, "sourceHref": "https://0day.today/exploit/37508", "sourceData": "## Title: Inventory Management System 1.0 XSS Stored \n## Author: Hejap Zairy\n## Vendor: https://www.vetbossel.in/inventory-management-system-php/\n## Software: https://cutt.ly/lOZ8lrr\n## Reference: https://github.com/Matrix07ksa\n# Tested on: ArchLinux, MySQL, Apache\n\n## Description:\nStored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application. Reflected XSS involves the reflecting of a malicious script off of a web application, onto a user's browser.\n\nStatus: CRITICAL\n[+] Payloads:\n```\nhttps://0day_script.gov//Inventory_Modify.php\n<img src=1 href=1 onerror=\"javascript:alert('HEJAP ZAIRY AL-SHARIF')\"></img>\n```\n\n## Proof and Exploit:\nhttps://streamable.com/4v5h6u\n", "category": "web applications", "verified": true}

{}