CVE-2017-17927

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATHINFO to service-list/category/...

CVE-2017-17928

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...

CVE-2017-17929

PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter...

CVE-2017-17930

PHP Scripts Mall Professional Service Script has CSRF via admin/generalsettingupd.php, as demonstrated by modifying a setting in the user panel...

CVE-2017-17905

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php...

CVE-2017-17906

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter...

CVE-2017-17925

PHP Scripts Mall Professional Service Script has XSS via the admin/generalsettingupd.php websitetitle parameter...

CVE-2017-17926

PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

CVE-2017-17931

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

Code injection

PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

Cross site request forgery (csrf)

PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...

Code injection

PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter...

Cross site request forgery (csrf)

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php...

Sql injection

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter...

Design/Logic Flaw

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...

Code injection

PHP Scripts Mall Professional Service Script has XSS via the admin/generalsettingupd.php websitetitle parameter...

Sql injection

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

Code injection

PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter...

Cross site request forgery (csrf)

PHP Scripts Mall Professional Service Script has CSRF via admin/generalsettingupd.php, as demonstrated by modifying a setting in the user panel...

Sql injection

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...