Skip to main content

Website Broker Script

2 CVEs product

Monthly

CVE-2018-6900 MEDIUM POC This Month

PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Broker Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-15992 CRITICAL POC Act Now

Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Website Broker Script
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
1.4%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Broker Script
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Website Broker Script
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy