PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
PHP
Basic B2B
NVD
Exploit-DB
CVSS 3.0
5.4
EPSS
0.7%
Tenda D152 ADSL routers allow XSS via a crafted SSID. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Tenda
D152 Firmware
NVD
Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%