Code-Projects Car Rental Management System Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Code-Projects Car Rental Management System version 1.0. The issue arises in the '/admin/manage-pages.php' file, where the 'pgdetails' parameter is processed without proper sanitization. This allows authenticated attackers to inject malicious scripts that are executed when other users view the 'FAQs' page, potentially leading to data theft, redirection to malicious sites, or account compromise.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the 'FAQs' page. This could result in theft of cookies or session tokens, redirection to phishing sites, or compromise of user accounts.

Reproduction

To reproduce this vulnerability, log in as an admin and navigate to the '/admin/manage-pages.php' endpoint. Select the 'FAQs' section and update the 'pgdetails' parameter with a script payload, such as a JavaScript alert. Once the payload is saved, visit the '/page.php?type=faqs' page to see the injected script execute, demonstrating the cross-site scripting vulnerability.

Remediation

Sanitize the 'pgdetails' input using PHP's 'htmlentities()' function to encode special characters before outputting them on the page.