CVE-2018-5072

CVE-2018-5072 describes a Cross-Site Scripting (XSS) vulnerability in Online Ticket Booking, exploitable via the admin/sitesettings.php keyword parameter. Multiple connected records confirm the issue and describe the impact as XSS, with CVSS scores from NVD indicating low–medium severity (base sc...

CVE-2017-17940

PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php...

CVE-2017-17939

The CVE-2017-17939 entry relates to PHP Scripts Mall Single Theater Booking and describes a Cross-Site Request Forgery (CSRF) vulnerability in the admin/sitesettings.php page. The affected software/component is PHP Scripts Mall Single Theater Booking; the underlying issue is CSRF that allows an a...

Design/Logic Flaw

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...

CVE-2017-17907

CVE-2017-17907 affects PHP Scripts Mall Car Rental Script and is an XSS vulnerability exploitable via the admin/areaedit.php?carid parameter or admin/sitesettings.php?websitename parameter. Public records describe reflected/stored XSS vectors in these parameters, enabling injecting HTML/JS conten...