Lucene search
K

98 matches found

CVE
CVE
added 2019/03/20 7:21 p.m.34 views

CVE-2018-20646

The CVE-2018-20646 entry concerns PHP Scripts Mall Basic B2B Script 2.0.9, where a directory traversal vulnerability allows listing of an image directory (e.g., uploads/) via a direct request. The vulnerability targets the image directory listing functionality; CVSS metrics indicate a Network att...

6.5CVSS6.5AI score0.01668EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/20 7:12 p.m.43 views

CVE-2018-20645

Summary of CVE-2018-20645 : The vulnerability affects PHP Scripts Mall Basic B2B Script 2.0.9, with HTML injection possible through the First Name or Last Name fields. The initial disclosure lists a CVSS base score of 5.4 (Medium) on CVSS 3.0 and 3.5 (Low) on CVSS 2.0, indicating a moderate impac...

5.4CVSS5.8AI score0.00665EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/03/20 6:40 p.m.14 views

CVE-2018-20635

PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

4.8AI score0.01346EPSS
Exploits1References1
CVE
CVE
added 2019/03/20 6:35 p.m.43 views

CVE-2018-20634

CVE-2018-20634 affects PHP Scripts Mall Advance B2B Script 2.1.4. The vulnerability allows a remote attacker to cause a denial of service by injecting JavaScript in the First Name field, leading to a changed page structure. The available documents do not provide the exploited vectors beyond this ...

6.5CVSS6.5AI score0.0161EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/20 6:15 p.m.45 views

CVE-2018-20632

CVE-2018-20632 concerns PHP Scripts Mall Advance B2B Script 2.1.4. The vulnerability is a stored Cross-Site Scripting (XSS) that can be triggered via the FIRST NAME or LAST NAME fields. The connected documents do not provide exploit details, status, or remediation, and no other affected component...

5.4CVSS5.3AI score0.00665EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/12/17 12:0 a.m.2 views

PHP Scripts Mall Entrepreneur B2B Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Entrepreneur B2B Script is a suite of B2B e-commerce platforms from PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Entrepreneur B2B Script version 3.0.6, which can be exploited by a remote attacker to inject arbitrary web script or HTML vi...

5.4CVSS6.2AI score0.00641EPSS
Exploits1References1
OSV
OSV
added 2018/12/13 6:29 p.m.4 views

CVE-2018-20138

PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541...

5.4CVSS5.8AI score0.00641EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/07 12:0 a.m.5 views

PHP Scripts Mall Basic B2B Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Basic B2B Script is a B2B website system script from PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Basic B2B Script version 2.0.0, which can be exploited by remote attackers to inject scripts via the First name, Last name, City, State, or...

5.4CVSS5.4AI score0.00663EPSS
Exploits4References1
OSV
OSV
added 2018/08/04 1:29 a.m.4 views

CVE-2018-14541

PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields...

5.4CVSS5.8AI score0.00663EPSS
Exploits4References2
NVD
NVD
added 2018/08/04 1:29 a.m.25 views

CVE-2018-14541

PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields...

5.4CVSS5.3AI score0.00663EPSS
Exploits4References2
CVE
CVE
added 2018/08/03 4:0 p.m.45 views

CVE-2018-14541

CVE-2018-14541 affects PHP Scripts Mall Basic B2B Script 2.0.0. The vulnerability is described as reflected and stored XSS via user-input fields: First name, Last name, Address 1, City, State, and Company name. The connected records also reference a related issue in PHP Scripts Mall Entrepreneur ...

5.4CVSS5.2AI score0.00663EPSS
Exploits4References2Affected Software1
Exploit DB
Exploit DB
added 2018/08/03 12:0 a.m.57 views

Basic B2B Script 2.0.0 - Cross-Site Scripting

Basic B2B Script 2.0.0 - Cross-Site Scripting. CVE-2018-14541. Webapps exploit for PHP platform Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.0 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Date: 20.07.2018 Site Titel : B2B Script Vendor...

5.4CVSS5.6AI score0.00663EPSS
Exploits4
0day.today
0day.today
added 2018/08/03 12:0 a.m.61 views

Basic B2B Script 2.0.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.0 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Site Titel : B2B Script Vendor Homepage: https://www.phpscriptsmall.com/ Vendor Software :...

5.5AI score0.00663EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/08/03 12:0 a.m.44 views

Basic B2B Script 2.0.0 Cross Site Scripting

Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.0 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Date: 20.07.2018 Site Titel : B2B Script Vendor Homepage: https://www.phpscriptsmall.com/ Vendor Software :...

5.5AI score0.00663EPSS
Exploits4
CNVD
CNVD
added 2017/12/15 12:0 a.m.2 views

PHP Scripts Mall Advance B2B Script SQL Injection Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based B2B2 business-to-business transactional website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Advance B2B Script version 2.1.3. A remote attacker can exploit this vulnerability by sending the...

9.8CVSS8.2AI score0.0305EPSS
Exploits1References1
OSV
OSV
added 2017/12/13 9:29 a.m.4 views

CVE-2017-17602

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php showid or view-product.php pid parameter...

9.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2017/12/13 9:29 a.m.13 views

CVE-2017-17600

Basic B2B Script 2.0.8 has SQL Injection via the productdetails.php id parameter...

9.8CVSS10AI score0.0305EPSS
Exploits1References2
NVD
NVD
added 2017/12/13 9:29 a.m.16 views

CVE-2017-17602

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php showid or view-product.php pid parameter...

9.8CVSS10AI score0.0305EPSS
Exploits1References2
Prion
Prion
added 2017/12/13 9:29 a.m.16 views

Sql injection

Basic B2B Script 2.0.8 has SQL Injection via the productdetails.php id parameter...

7.5CVSS9.9AI score0.0305EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2017/12/13 9:29 a.m.14 views

Sql injection

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php showid or view-product.php pid parameter...

7.5CVSS9.9AI score0.0305EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder