This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
They include all external parameters directly in the sql query. | |
For example-1: | |
https://github.com/tourist5/Online-food-ordering-system/blob/main/all-tickets.php | |
if(isset($_GET['status'])){ | |
$status = $_GET['status']; | |
} | |
else{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I found stored XSS vulnerability in userarea Name Surname field. You can exploit with this payload <img src='aa' onerror='javascript:alert(1)' > | |
write in surname field. | |
https://i.imgur.com/Pj1A5bE.png | |
App Link: https://youronlineshop.sourceforge.io/sample/?userarea=1 | |
Download link: https://sourceforge.net/projects/youronlineshop/ | |
Version: 1.8.0 |