Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/171686/Sales-Tracker-Management-System-1.0-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
https://twitter.com/retrymp3 | Not Applicable |
https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html | Product |
https://www.sourcecodester.com/users/tips23 | Not Applicable |
Configurations
Configuration 1 (hide)
|
History
13 Apr 2023, 20:52
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
First Time |
Sales Tracker Management System Project
Sales Tracker Management System Project sales Tracker Management System |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CPE | cpe:2.3:a:sales_tracker_management_system_project:sales_tracker_management_system:1.0:*:*:*:*:*:*:* | |
References | (MISC) https://www.sourcecodester.com/users/tips23 - Not Applicable | |
References | (MISC) https://packetstormsecurity.com/files/171686/Sales-Tracker-Management-System-1.0-Cross-Site-Scripting.html - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) https://twitter.com/retrymp3 - Not Applicable | |
References | (MISC) https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html - Product |
10 Apr 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-10 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-26773
Mitre link : CVE-2023-26773
CVE.ORG link : CVE-2023-26773
JSON object : View
Products Affected
sales_tracker_management_system_project
- sales_tracker_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')