Skip to main content

Website Seller Script

7 CVEs product

Monthly

CVE-2018-20530 MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-16456 MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a keyword. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-15897 MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow PHP Website Seller Script
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-15896 MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-11501 HIGH POC This Week

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP Website Seller Script
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-6879 HIGH POC This Week

PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Website Seller Script
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-6870 MEDIUM POC This Month

Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
CVSS 3.0
6.1
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a keyword. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow PHP +1
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP +1
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Website Seller Script
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Website Seller Script
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy