CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1161 matches found

Cvelist•added 2019/03/20 7:56 p.m.•11 views

CVE-2019-7437

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting XSS via the Search field...

6.1AI score0.0024EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:53 p.m.•8 views

CVE-2019-7436

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct request for a listing of an uploads directory...

6.6AI score0.0039EPSS

Exploits1References1

CVE•added 2019/03/20 7:48 p.m.•29 views

CVE-2019-7434

This CVE affects PHP Scripts Mall Rental Bike Script 2.0.3, where a directory traversal flaw allows listing of an uploads directory via a direct request. The root cause is improper validation of file paths, enabling access to sensitive upload contents. The connected documents confirm the same iss...

6.5CVSS6.5AI score0.0039EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:45 p.m.•10 views

CVE-2019-7433

PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

9AI score0.00145EPSS

Exploits1References1

CVE•added 2019/03/20 7:45 p.m.•27 views

CVE-2019-7433

CVE-2019-7433 affects PHP Scripts Mall Rental Bike Script 2.0.3 and is described as a Cross-Site Request Forgery (CSRF) via the Edit Profile feature. The NVD entry lists impact metrics (CVSS v3 base score 8.8, HIGH) with network attack vector, low attack complexity, no privileges required, and us...

8.8CVSS8.8AI score0.00145EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:42 p.m.•13 views

CVE-2019-7432

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section...

5.8AI score0.00206EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:39 p.m.•12 views

CVE-2019-7431

PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory...

6.6AI score0.0039EPSS

Exploits1References1

CVE•added 2019/03/20 7:39 p.m.•36 views

CVE-2019-7431

CVE-2019-7431 affects PHP Scripts Mall Image Sharing Script 1.3.4. The vulnerability is a directory traversal vulnerability exploitable by a direct request to list the uploads directory, enabling access to directory contents. Public sources in the provided set corroborate a path traversal issue b...

6.5CVSS6.5AI score0.0039EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:35 p.m.•9 views

CVE-2019-7430

PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar...

5.6AI score0.00238EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:29 p.m.•9 views

CVE-2019-7429

PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory...

6.6AI score0.0039EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:26 p.m.•17 views

CVE-2018-20648

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery CSRF via accountedit.php...

9AI score0.00145EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:23 p.m.•12 views

CVE-2018-20647

PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory...

6.6AI score0.00658EPSS

Exploits1References1

CVE•added 2019/03/20 7:23 p.m.•35 views

CVE-2018-20647

The CVE-2018-20647 entry concerns PHP Scripts Mall Car Rental Script 2.0.8, where a directory-traversal vulnerability exists in the handling of image directories (e.g., images/). The connected records confirm the affected product and the vulnerable component/behavior, but do not provide exploitat...

6.5CVSS6.5AI score0.00658EPSS

Exploits1References2Affected Software1

CVE•added 2019/03/20 7:21 p.m.•29 views

CVE-2018-20646

The CVE-2018-20646 entry concerns PHP Scripts Mall Basic B2B Script 2.0.9, where a directory traversal vulnerability allows listing of an image directory (e.g., uploads/) via a direct request. The vulnerability targets the image directory listing functionality; CVSS metrics indicate a Network att...

6.5CVSS6.5AI score0.00485EPSS

Exploits1References1Affected Software1

CVE•added 2019/03/20 7:12 p.m.•30 views

CVE-2018-20645

Summary of CVE-2018-20645 : The vulnerability affects PHP Scripts Mall Basic B2B Script 2.0.9, with HTML injection possible through the First Name or Last Name fields. The initial disclosure lists a CVSS base score of 5.4 (Medium) on CVSS 3.0 and 3.5 (Low) on CVSS 2.0, indicating a moderate impac...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:12 p.m.•13 views

CVE-2018-20645

PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field...

5.8AI score0.00206EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:9 p.m.•13 views

CVE-2018-20644

PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery CSRF via the Edit profile feature...

9AI score0.00141EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:3 p.m.•17 views

CVE-2018-20642

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service outage of profile editing via crafted JavaScript code in the KeySkills field...

6.6AI score0.00539EPSS

Exploits1References1

CVE•added 2019/03/20 7:3 p.m.•34 views

CVE-2018-20642

CVE-2018-20642 affects PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1. The vulnerability is triggered by crafted JavaScript in the KeySkills field, causing a denial of service (outage of profile editing). Documents confirm the affected product and root cause (malformed input in KeySkills) ...

6.5CVSS6.5AI score0.00539EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:0 p.m.•12 views

CVE-2018-20641

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

9AI score0.00145EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by