Lucene search

[email protected]CVE-2018-6796

HistoryFeb 07, 2018 - 9:29 p.m.

CVE-2018-6796

2018-02-0721:29:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2018-6796

php

scripts mall

multilanguage

real estate

mlm script

stored xss

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.6%

JSON

PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field.

Affected configurations

NVD

Node

multilanguage_real_estate_mlm_script_projectmultilanguage_real_estate_mlm_scriptMatch3.0

CPENameOperatorVersion
multilanguage_real_estate_mlm_script_project:multilanguage_real_estate_mlm_scriptmultilanguage real estate mlm script project multilanguage real estate mlm scripteq3.0

CPE	Name	Operator	Version
multilanguage_real_estate_mlm_script_project:multilanguage_real_estate_mlm_script	multilanguage real estate mlm script project multilanguage real estate mlm script	eq	3.0

References

exploit-db.com/exploits/43989/

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.6%

JSON

Related for CVE-2018-6796

nvd1 prion1 cvelist1