3 matches found
CVE-2018-20138
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541...
CVE-2018-20138
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541...
CVE-2018-20138
CVE-2018-20138 corresponds to a Cross-Site Scripting vulnerability in PHP Scripts Mall’s Entrepreneur B2B Script 3.0.6. The issue arises from storing or reflecting unsanitized input in Account Settings (e.g., FirstName, LastName), enabling a attacker to inject web scripts. Public documentation (N...