Skip to main content

Rental Bike Script

3 CVEs product

Monthly

CVE-2019-7434 MEDIUM POC This Month

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure Rental Bike Script
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2019-7433 HIGH POC This Week

PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Rental Bike Script
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2019-7432 MEDIUM POC This Month

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Rental Bike Script
NVD
CVSS 3.0
5.4
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Information Disclosure +1
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Rental Bike Script
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Rental Bike Script
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy