CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

CVE-2018-20631

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file...

CVE-2018-20627

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

CVE-2018-20632

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting XSS via the FIRST NAME or LAST NAME field...

CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

Code injection

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service unrecoverable blank profile via crafted JavaScript code in the First Name and Last Name field...

Input validation

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar...

Cross site scripting

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting XSS via the Full Name field...

Design/Logic Flaw

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

Cross site scripting

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting XSS via the FIRST NAME or LAST NAME field...

Directory traversal

PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory...

Directory traversal

PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

Cross site request forgery (csrf)

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

Path traversal

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file...

Cross site request forgery (csrf)

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery CSRF via accountedit.php...

PHP Scripts Mall Advance B2B Script Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based scripts for B2B business-to-business trading websites. PHP Scripts Mall Advance B2B Script 2.1.4 suffers from a cross-site request forgery vulnerability that can be exploited via the Edit Profile feature...

PHP Scripts Mall Advance B2B Script Directory Traversal Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based scripts for B2B business-to-business trading websites. PHP Scripts Mall Advance B2B Script 2.1.4 suffers from a directory traversal vulnerability, which can be exploited to achieve directory traversal by directly requesting an image...

CVE-2019-7437

CVE-2019-7437 affects PHP Scripts Mall Opensource Classified Ads Script 3.2.2 and is a reflected Cross-Site Scripting (XSS) vulnerability triggered via the Search field. The connected sources consistently describe the issue as a reflected XSS flaw in the search input, with no additional details o...