CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PHP Scripts Mall Chartered Accountant:Auditor Website is an accounting auditor website system script from PHP Scripts Mall, India. A cross-site scripting vulnerability exists in the Profile Update page in PHP Scripts Mall Chartered Accountant : Auditor Website version 2.0.1, which can be exploite...

5.4CVSS6.5AI score0.00206EPSS

Exploits1References1

NVD•added 2019/06/06 4:29 p.m.•11 views

CVE-2019-7553

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1

CVE•added 2019/06/06 12:0 a.m.•112 views

CVE-2019-7553

CVE-2019-7553 affects PHP Scripts Mall Chartered Accountant: Auditor Website version 2.0.1, with a Stored XSS in the Profile Update page via the My Name field. Several sources (Red Hat advisory, CNVD, CVE listings, and PT-2019-18644) confirm the vulnerability type as stored XSS and point to the s...

5.4CVSS5.2AI score0.00206EPSS

Exploits1References1Affected Software1

OSV•added 2019/03/21 4:0 p.m.•1 views

CVE-2018-20636

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•1 views

CVE-2018-20637

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service unrecoverable blank profile via crafted JavaScript code in the First Name and Last Name field...

6.5CVSS5.9AI score0.00516EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•7 views

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

6.5CVSS6.6AI score0.00355EPSS

Exploits1References1

Prion•added 2019/03/21 4:0 p.m.•13 views

Code injection

4CVSS6.5AI score0.00516EPSS

Exploits1References1

Cvelist•added 2019/03/20 6:49 p.m.•13 views

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

6.6AI score0.00355EPSS

Exploits1References1

CVE•added 2019/03/20 6:46 p.m.•41 views

CVE-2018-20637

CVE-2018-20637 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability allows remote attackers to cause a denial of service (unrecoverable blank profile) by sending crafted JavaScript in the First Name and Last Name fields. Documented impact per CVSS metrics shows...

6.5CVSS6.5AI score0.00516EPSS

Exploits1References1Affected Software1

CVE•added 2019/03/20 6:43 p.m.•36 views

CVE-2018-20636

CVE-2018-20636 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability is HTML injection via the First Name field. Public references confirm the product/version and injection class; CVSS v3.0 base score is 5.4 (MEDIUM) with network access and user interaction requ...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1Affected Software1

OSV•added 2018/08/10 3:29 p.m.•1 views

CVE-2018-15186

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php...

8.8CVSS5.8AI score0.00138EPSS

Exploits1References1

NVD•added 2018/08/10 3:29 p.m.•13 views

CVE-2018-15186

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php...

8.8CVSS8.8AI score0.00138EPSS

Exploits1References1