582 matches found
CVE-2018-11514
The CVE affects PHP Scripts Mall Naukri Clone Script (version 3.0.3 and earlier). The vulnerability resides in edit_resume_det.php, allowing Unrestricted Upload of a File with a Dangerous Type (e.g., renaming .docx to .php). This could enable an attacker to upload a malicious PHP file, potentiall...
CVE-2018-11514
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...
CVE-2018-11501
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
CVE-2018-11501
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
Cross site request forgery (csrf)
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
CVE-2018-11501
The CVE-2018-11501 entry concerns PHP Scripts Mall Website Seller Script 2.0.3, where a CSRF flaw in user_submit.php?upd=2 enables an XSS outcome. The connected records corroborate the same vulnerability description across multiple databases, including NVD, CVE List, CNVD, and others. According t...
Match Clone Script 1.0.4 Cross Site Scripting
Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...
Match Clone Script 1.0.4 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4...
Match Clone Script 1.0.4 - Cross-Site Scripting
Match Clone Script 1.0.4 - Cross-Site Scripting Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho...
Match Clone Script 1.0.4 - Cross-Site Scripting
Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...
Input validation
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code...
Cross site scripting
Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature...
Cross site request forgery (csrf)
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
CVE-2018-6904
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...
CVE-2018-6900
PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page...
CVE-2018-6934
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
CVE-2018-6934
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
CVE-2018-6904
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...
CVE-2018-6935
PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to liststudent.php...
CVE-2018-6935
CVE-2018-6935 affects PHP Scripts Mall Student Profile Management System Script v2.0.6, where an XSS vulnerability exists in the Name field of list_student.php. The available records confirm the vulnerability exists but do not provide exploitation details, affected product build numbers beyond v2...