royblume

icon indicating a website link royblume.github.io

icon location CISSP, OSCP, OSED, OSWE, CRTO, GX-PT, GPEN, GCFA, GCFE, GCIH

Results 3 issues of royblume

XSS Vulnerability

Line 25 of msg.php is vulnerable to Cross Site Scripting (XSS), due to the "title" parameter being improperly sanitzed. A proof-of-concept is: [DOMAIN]/msg.php?title=alert('XSS')

DOM XSS

1 comment

A DOM-based Cross-Site Scripting (XSS) vulnerability exists on line 1 of papers.php. The application dynamically includes unsanitized user-supplied input ($_GET["id"]) into the JavaScript context of an onclick attribute. An attacker...

XSS Vulnerability

A Cross-Site Scripting (XSS) vulnerability exists in s.php of the pkgdoc GitHub repository. The s parameter is improperly sanitized before being embedded in the HTML output. An attacker can exploit...