Code-Projects Fruit Shop Management System Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in version 1.0 of the Code-Projects Fruit Shop Management System. The issue resides in the products.php file, where product information is retrieved from the database and written into the HTML response without escaping HTML special characters. This allows an attacker who can add or edit products to store JavaScript in fields such as product_name; the script then executes in the browser of every user who views the products.php page, including administrators. Because the payload is persisted in the database rather than reflected from a request, it fires on every subsequent page load without further interaction from the attacker. A successful exploit could steal session cookies (unless they are flagged HttpOnly), perform requests in the victim's authenticated session, and thereby impersonate the victim, potentially leading to unauthorized changes to product data or other administrative actions.
Impact
Exploitation of this vulnerability allows the injection of scripts that execute in the context of the user viewing the products.php page. This could result in session hijacking, theft of sensitive information displayed to that user, injection of phishing content into a trusted page, or actions carried out with the victim's privileges, which is most severe when the victim is an administrator. Note that the HttpOnly cookie flag only blocks direct cookie theft; it does not stop injected script from issuing requests within the victim's session.
Reproduction
To reproduce this vulnerability, access the product addition page and submit a payload, such as a script tag containing JavaScript, in the product name field. After saving the product information, visit the products.php page, where the injected script will be executed, confirming the presence of the cross-site scripting vulnerability.
Remediation
Escape all database-sourced and user-controlled data at the point where it is written into the HTML page, for example with htmlspecialchars() using the ENT_QUOTES flag and an explicit UTF-8 charset so that values are safe in both text nodes and quoted attributes. Output escaping is the primary fix and must be applied regardless of what was validated on input, since the database already contains whatever earlier versions of the application accepted. As defence in depth, validate input on the product addition and editing pages against an allowlist of legal characters for each field rather than trying to enumerate dangerous ones. Setting the HttpOnly flag on the session cookie and deploying a Content Security Policy further reduce the impact of any escaping gap that remains.
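The following PHP is an added illustration, not code from the Code-Projects Fruit Shop Management System. It models the products.php listing described in the Reproduction and Remediation sections: a product row containing the stored script-tag payload is rendered once the vulnerable way (raw interpolation) and once the hardened way (escaped at output), and an input-side allowlist check shows that the payload would also have been rejected at the product addition page. The column names, table layout, sample rows and the allowlist policy are assumptions made for the example.

```php
<?php
// Added example, not the project's own code. The row layout, column names and
// sample data are assumptions; the second row carries the stored-XSS payload
// type the advisory describes in product_name.
declare(strict_types=1);

// Constructed sample rows, as if fetched from the products table.
$rows = [
    ['id' => 1, 'product_name' => 'Apple', 'price' => '1.20'],
    ['id' => 2, 'product_name' => '<script>alert(document.cookie)</script>', 'price' => '0.00'],
];

// Vulnerable rendering: the database value is interpolated into the markup
// unchanged, so the <script> element reaches the browser intact.
function renderRowVulnerable(array $row): string
{
    return "<tr><td>{$row['id']}</td><td>{$row['product_name']}</td><td>{$row['price']}</td></tr>\n";
}

// Output-encoding helper: escape &, <, >, " and ' so a value is inert both in
// text nodes and inside quoted attributes. ENT_SUBSTITUTE keeps malformed
// UTF-8 from silently producing an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hardened rendering: every value from the database goes through e() at the
// point of output, regardless of any validation performed when it was stored.
function renderRowSafe(array $row): string
{
    return '<tr><td>' . e((string) $row['id']) . '</td><td>' . e($row['product_name'])
         . '</td><td>' . e((string) $row['price']) . '</td></tr>' . "\n";
}

// Defence in depth at input time (assumed policy): product names may contain
// letters, digits, spaces and a few punctuation characters, up to 100 of them.
// Angle brackets are simply not in the allowlist.
function isValidProductName(string $name): bool
{
    return (bool) preg_match('/^[\p{L}\p{N} .,\'&()-]{1,100}$/u', $name);
}

foreach ($rows as $row) {
    echo 'vulnerable: ' . renderRowVulnerable($row);
    echo 'safe:       ' . renderRowSafe($row);
    echo 'accepted by allowlist: ' . (isValidProductName($row['product_name']) ? 'yes' : 'no') . "\n\n";
}
```

Running this shows the second row's vulnerable output containing a live `<script>` element, while the safe output contains `&lt;script&gt;`, which the browser displays as text. The allowlist rejects the payload at input, but only the output escaping protects against values that were stored before the validation existed, which is why it is the primary fix.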
