CVE-2021-42662
N/A
N/A
Summary
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html
- http://packetstormsecurity.com/files/164615/Online-Event-Booking-And-Reservation-System-1.0-Cross-Site-Scripting.html
- https://github.com/TheHackingRabbi/CVE-2021-42662
- https://www.exploit-db.com/exploits/50450
References
- https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html
- http://packetstormsecurity.com/files/164615/Online-Event-Booking-And-Reservation-System-1.0-Cross-Site-Scripting.html
- https://github.com/TheHackingRabbi/CVE-2021-42662
- https://www.exploit-db.com/exploits/50450
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.