Skip to main content
CVE-2019-9065 MEDIUM POC This Month

PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Custom T Shirt Ecommerce Script
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-9063 MEDIUM POC This Month

PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Auction Website Script
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-9052 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9051 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9049 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9048 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9066 MEDIUM POC This Month

PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Php Appointment Booking Script
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-9064 MEDIUM POC This Month

PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Cab Booking Script
NVD
CVSS 3.0
5.3
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy