CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2019/06/06 3:36 p.m.•12 views

CVE-2019-7552

An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2. Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section...

5.3AI score0.00206EPSS

Exploits1References2

CVE•added 2019/06/06 3:27 p.m.•88 views

CVE-2019-7554

The vulnerability CVE-2019-7554 affects PHP Scripts Mall API Based Travel Booking 3.4.7. It is a reflected cross-site scripting (XSS) flaw exploitable via the flight-results.php d2 parameter, which can cause client-side script execution. The issue stems from input reflected back to the user; expl...

6.1CVSS6AI score0.00266EPSS

Exploits1References2Affected Software1

Cvelist•added 2019/06/06 12:0 a.m.•15 views

CVE-2019-7553

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field...

5.3AI score0.00206EPSS

CVE•added 2019/06/06 12:0 a.m.•111 views

CVE-2019-7553

CVE-2019-7553 affects PHP Scripts Mall Chartered Accountant: Auditor Website version 2.0.1, with a Stored XSS in the Profile Update page via the My Name field. Several sources (Red Hat advisory, CNVD, CVE listings, and PT-2019-18644) confirm the vulnerability type as stored XSS and point to the s...

5.4CVSS5.2AI score0.00206EPSS

CNVD•added 2019/04/01 12:0 a.m.•3 views

PHP Scripts Mall Amazon Affiliate Store Input Validation Error Vulnerability

PHP Scripts Mall Amazon Affiliate Store is an online e-store system by PHP Scripts Mall India. An input validation error vulnerability exists in PHP Scripts Mall Amazon Affiliate Store version 2.1.6, which can be exploited by attackers to tamper with payment amounts...

6.5CVSS7AI score0.00193EPSS

OSV•added 2019/03/29 2:29 p.m.•0 views

CVE-2019-9605

PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting XSS via the err value in a .ico picture upload...

5.4CVSS6.1AI score

Exploits0References1

Prion•added 2019/03/29 2:29 p.m.•9 views

Cross site scripting

PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting XSS via the err value in a .ico picture upload...

3.5CVSS5.3AI score0.00206EPSS

Cvelist•added 2019/03/29 1:50 p.m.•14 views

CVE-2019-9604

PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery CSRF for Edit Profile actions...

9AI score0.00145EPSS

NVD•added 2019/03/28 3:29 p.m.•6 views

CVE-2019-9864

PHP Scripts Mall Amazon Affiliate Store 2.1.6 allows Parameter Tampering of the payment amount...

6.5CVSS6.6AI score0.00193EPSS

OSV•added 2019/03/21 4:1 p.m.•1 views

CVE-2019-7436

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct request for a listing of an uploads directory...

NVD•added 2019/03/21 4:1 p.m.•6 views

CVE-2019-7432

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section...

5.4CVSS5.7AI score0.00206EPSS

NVD•added 2019/03/21 4:1 p.m.•8 views

CVE-2019-7431

PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory...

NVD•added 2019/03/21 4:1 p.m.•7 views

CVE-2019-7434

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory...

OSV•added 2019/03/21 4:1 p.m.•0 views

CVE-2019-7435

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection via the Search Form...

5.3CVSS5.8AI score0.00238EPSS

NVD•added 2019/03/21 4:1 p.m.•9 views

CVE-2019-7436

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct request for a listing of an uploads directory...

NVD•added 2019/03/21 4:1 p.m.•7 views

CVE-2019-7430

PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar...

5.3CVSS5.6AI score0.00238EPSS

Prion•added 2019/03/21 4:1 p.m.•11 views

Design/Logic Flaw

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section...

3.5CVSS5.8AI score0.00206EPSS

Prion•added 2019/03/21 4:1 p.m.•10 views

Cross site scripting

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting XSS via the Search field...

4.3CVSS6AI score0.0024EPSS