Professional Service Script
Monthly
PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.