Skip to content

Instantly share code, notes, and snippets.

@enferas
Last active January 21, 2023 12:01
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
XSS in InventorySystem

CVE-2023-23014 is assigned

Link: https://github.com/ronknight/InventorySystem

Mutiple XSS vulnerabilities.

For example,

In file InventorySystem-master\application\controllers\Stores.php in update function

$data = array(
	'name' => $this->input->post('edit_store_name'),
	'active' => $this->input->post('edit_active'),	
);

$update = $this->model_stores->update($data, $id);

In file InventorySystem-master\application\models\Model_stores.php

public function update($data, $id){
  if($data && $id) {
	  $this->db->where('id', $id);
	  $update = $this->db->update('stores', $data);
	  return ($update == true) ? true : false;
  }
}

Then In file InventorySystem-master\application\controllers\Stores.php

public function fetchStoresDataById($id) {
  if($id) {
	  $data = $this->model_stores->getStoresData($id);
	  echo json_encode($data);
  }
}

In file InventorySystem-master\application\models\Model_stores.php

public function getStoresData($id = null){
  if($id) {
	  $sql = "SELECT * FROM `stores` where id = ?";
	  $query = $this->db->query($sql, array($id));
	  return $query->row_array();
  }
  
  $sql = "SELECT * FROM `stores`";
  $query = $this->db->query($sql);
  return $query->result_array();
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment