1161 matches found
Design/Logic Flaw
PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS via the "Update profile" feature...
CVE-2019-9607
PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file...
Path traversal
PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file...
CVE-2019-9607
PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file...
CVE-2019-9606
CVE-2019-9606 affects PHP Scripts Mall Personal Video Collection Script 4.0.4. The vulnerability is a Stored XSS in the Update profile feature. The available sources describe the affected product and the type of issue but do not provide detailed root cause analysis, exploit patterns, affected ver...
PHP Scripts Mall Custom T-Shirt Ecommerce Script Input Validation Vulnerability
PHP Scripts Mall Custom T-Shirt Ecommerce Script is a website system for customizing t-shirts online by PHP Scripts Mall India. An input validation vulnerability exists in PHP Scripts Mall Custom T-Shirt Ecommerce Script version 3.1.1, which can be exploited by an attacker to change the amount of...
CVE-2019-9064
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file...
CVE-2019-9065
PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount...
CVE-2019-9065
PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount...
CVE-2019-9063
PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount...
Directory traversal
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file...
Cross site request forgery (csrf)
PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery CSRF in my-account.php...
CVE-2019-9063
The CVE-2019-9063 entry concerns PHP Scripts Mall Auction website script version 2.0.4, where an input validation vulnerability allows parameter tampering of the payment amount. Connected CNVD/NVD records describe an input validation flaw enabling modification of the donation/paid amount; exploit...
CVE-2019-9065
PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount...
CVE-2019-9062
PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery CSRF in my-account.php...
CVE-2019-9064
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file...
CVE-2019-9064
The CVE-2019-9064 entry corresponds to a directory traversal flaw in PHP Scripts Mall Cab Booking Script 1.0.3. Multiple connected sources (CNVD, CVE records, PRION, NVD) describe that an attacker can traverse directories to reach the parent directory of a jpg or png file, exposing directory stru...
CVE-2019-9066
PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile...
CVE-2019-8361
PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection...
CVE-2019-8361
The CVE-2019-8361 vulnerability affects PHP Scripts Mall’s Responsive Video News Script, where an XSS flaw in the Search Bar could enable HTML injection or URL redirection. Public details describe the vulnerability but do not provide exploit code, affected versions, or explicit remediation in the...