2 matches found
CVE-2017-17940
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php...
CVE-2017-17940
CVE-2017-17940 concerns PHP Scripts Mall Single Theater Booking. The issue is a cross-site scripting (XSS) vulnerability in the admin/sitesettings.php page caused by unsafely handling the title parameter. The exploit path is user-controlled input reflected in the title field, enabling an attacker...