35 matches found
EUVD-2017-8767
Malware in sbrugna...
PHP Scripts Mall Chartered Accountant:Auditor Website Cross-Site Scripting Vulnerability
PHP Scripts Mall Chartered Accountant:Auditor Website is an accounting auditor website system script from PHP Scripts Mall, India. A cross-site scripting vulnerability exists in the Profile Update page in PHP Scripts Mall Chartered Accountant : Auditor Website version 2.0.1, which can be exploite...
CVE-2019-7553
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field...
Cross site scripting
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field...
PT-2019-18644 · Php Scripts Mall · Php Scripts Mall Chartered Accountant : Auditor Website
Name of the Vulnerable Software and Affected Versions: PHP Scripts Mall Chartered Accountant : Auditor Website version 2.0.1 Description: The issue concerns a Stored XSS in the Profile Update page. Specifically, the My Name field is vulnerable, allowing for potential exploitation. Recommendations...
CVE-2019-7553
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field...
CVE-2019-7553
CVE-2019-7553 affects PHP Scripts Mall Chartered Accountant: Auditor Website version 2.0.1, with a Stored XSS in the Profile Update page via the My Name field. Several sources (Red Hat advisory, CNVD, CVE listings, and PT-2019-18644) confirm the vulnerability type as stored XSS and point to the s...
CVE-2018-20636
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...
CVE-2018-20636
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...
CVE-2018-20638
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...
CVE-2018-20638
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...
Design/Logic Flaw
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...
Directory traversal
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...
Code injection
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service unrecoverable blank profile via crafted JavaScript code in the First Name and Last Name field...
CVE-2018-20638
CVE-2018-20638 affects PHP Scripts Mall Chartered Accountant: Auditor Website 2.0.1 and describes a directory traversal vulnerability that allows a direct request to list files in an image directory (e.g., assets/). The connected documents corroborate a path disclosure via directory listing; no e...
CVE-2018-20638
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...
CVE-2018-20637
CVE-2018-20637 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability allows remote attackers to cause a denial of service (unrecoverable blank profile) by sending crafted JavaScript in the First Name and Last Name fields. Documented impact per CVSS metrics shows...
CVE-2018-20636
CVE-2018-20636 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability is HTML injection via the First Name field. Public references confirm the product/version and injection class; CVSS v3.0 base score is 5.4 (MEDIUM) with network access and user interaction requ...
CVE-2018-20636
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...
Cross site request forgery (csrf)
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php...