Skip to main content

Professional Service Script

7 CVEs product

Monthly

CVE-2017-17930 HIGH POC This Week

PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Professional Service Script
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17929 MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Professional Service Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-17928 CRITICAL POC Act Now

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Professional Service Script
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-17927 MEDIUM POC This Month

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Professional Service Script
NVD GitHub
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-17926 MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Professional Service Script
NVD GitHub
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-17925 MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Professional Service Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-17924 MEDIUM POC This Month

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Professional Service Script
NVD GitHub
CVSS 3.0
5.3
EPSS
0.2%
EPSS 0% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Professional Service Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Professional Service Script
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Professional Service Script
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Professional Service Script
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Professional Service Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Professional Service Script
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Professional Service Script
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy