Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
References
Link | Resource |
---|---|
https://github.com/d4wner/Vulnerabilities-Report/blob/master/Advanced%20Real%20Estate%20Script.md | Exploit Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-01-03 12:29
Updated : 2018-01-17 06:50
NVD link : CVE-2018-5076
Mitre link : CVE-2018-5076
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
advanced_real_estate_script_project
- advanced_real_estate_script