Skip to main content

Marketplace Digital Products Php

4 CVEs product

Monthly

CVE-2017-17937 MEDIUM POC This Month

Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Marketplace Digital Products Php
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-17936 HIGH POC This Week

Vanguard Marketplace Digital Products PHP has CSRF via /search. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Marketplace Digital Products Php
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17874 HIGH POC This Week

Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Marketplace Digital Products Php
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.4%
CVE-2017-17873 CRITICAL POC Act Now

Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Marketplace Digital Products Php
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
1.4%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Marketplace Digital Products Php
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Vanguard Marketplace Digital Products PHP has CSRF via /search. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Marketplace Digital Products Php
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Marketplace Digital Products Php
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Marketplace Digital Products Php
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy