PHPGurukul Land Record System Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in PHPGurukul Land Record System version 1.0. The issue resides in the contactus.php file within the admin directory. This vulnerability allows remote attackers to execute arbitrary code by manipulating the 'pagetitle' parameter.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, send a request to the contactus.php file in the admin directory, including a payload in the 'pagetitle' parameter that contains the script or code to be executed. This can be done through a web browser or a tool that allows for HTTP request manipulation, such as Burp Suite or Postman.