CVE-2023-46974 PoC — Best Courier Management System Cross-Site Scripting Vulnerability

Associated Vulnerability
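Title: Best Courier Management System Cross-Site Scripting Vulnerability (CVE-2023-46974)
Description: Best Courier Management System is a courier management system by the individual developer Mayuri K. Best Courier Management System v.1.000 contains a cross-site scripting vulnerability that allows a remote attacker to execute arbitrary code via a crafted payload in the page parameter of the URL.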
Readme
# CVE-2023-46974
POC

> [Description]
> Cross Site Scripting vulnerability in Best Courier Management System
> v.1.000 allows a remote attacker to execute arbitrary code via a
> crafted payload to the page parameter in the URL.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Cross Site Scripting (XSS)
>
> ------------------------------------------
>
> [Vendor of Product]
> https://www.sourcecodester.com/php/16848/best-courier-management-system-project-php.html
>
> ------------------------------------------
>
> [Affected Product Code Base]
> v 1.000 - Best courier management system
>
> ------------------------------------------
>
> [Affected Component]
> All URLs
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> exploitation possible via link (Remote)
>
> ------------------------------------------
>
> [Reference]
> https://youtu.be/5oVfJHT_-Ys
>
> ------------------------------------------
>
> [Discoverer]
> Yagyesh K. Tiwari
File Snapshot

[4.0K] /data/pocs/65f1fe9804e48cbe3c3ccb01f54218c1ec02e4aa
└── [1.1K] README.md

0 directories, 1 file