SQLI/stored XSS vulnerabilities

Brought to you by: roflo1, sandking

#84 SQLI/stored XSS vulnerabilities

Milestone: v1.0 (example)

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2024-05-07

Created: 2022-12-04

Creator: ac

Private: No

To the developers,

In the progress of our security research project, we found SQLI/stored XSS vulnerabilities in version 1.0.0 of the application. SQLI Related files: mainmenu.php. stored XSS related files: chess.php, opponentspassword.php

Please contact us at ca224test@gmail.com, so we can provide reproducing steps of the vulnerabilities.
Thank you.

Discussion

ac - 2024-05-07

we further found request race vulnerabilities in version 1.0.0 of the application. Please contact us at ca224test@gmail.com, so we can provide reproducing steps of the vulnerabilities.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

spacewave - 2024-05-07

Last edit: spacewave 2024-05-14

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

SQLI/stored XSS vulnerabilities

Group

Searches

Help

#84 SQLI/stored XSS vulnerabilities

Discussion