Skip to main content

Auditor Website Project

3 CVEs product

Monthly

CVE-2019-7553 MEDIUM POC This Month

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Auditor Website Project
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2018-15186 HIGH POC This Week

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Auditor Website Project
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-13256 MEDIUM POC This Month

PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Auditor Website Project
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.0%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Auditor Website Project
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Auditor Website Project
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Auditor Website Project
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy