Hotels_Server

XSS Vulnerability in /view/hotelList.php

Open Anion3r opened this issue 6 years ago • 0 comments

In /view/hotelList.php

image

As you can see, there is no filtration in any of the ‘echo’s.

Also, in /controller/publishHotel.php, these are inserted into the database without filtration.

image

After all, we can enjoy XSS

image

image

Anion3r, Jan 23 '19 16:01
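The pattern reported above (stored values echoed without encoding) next to an output-encoded version, as an added example that is not code from Hotels_Server or from the issue author. The field names `name` and `address`, the helper `e()` and the sample row are assumptions, since the original screenshots are not available.

```php
<?php
// Added example; field names and the sample row are hypothetical,
// not taken from the Hotels_Server code base.

// Constructed row standing in for a record read back from the database
// after an insert that applied no filtering.
$hotel = [
    'name'    => 'Sea View <script>alert(1)</script>',
    'address' => '1 Beach Rd" onmouseover="alert(1)',
];

// Pattern described in the issue: stored data concatenated into HTML as-is.
function renderUnsafe(array $hotel): string
{
    return '<li title="' . $hotel['address'] . '">' . $hotel['name'] . '</li>';
}

// Encode for HTML text and quoted-attribute contexts.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
// UTF-8 sequences instead of returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Same template with every dynamic value encoded at the point of output.
function renderSafe(array $hotel): string
{
    return '<li title="' . e($hotel['address']) . '">' . e($hotel['name']) . '</li>';
}

echo renderUnsafe($hotel), PHP_EOL; // markup from the row reaches the page intact
echo renderSafe($hotel), PHP_EOL;   // <, >, " and ' arrive as entities, shown as text
```

Encoding at the `echo` neutralises values already stored in the database, so existing rows do not need to be cleaned for the page to render safely.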