1161 matches found
CVE-2018-11501
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
Cross site request forgery (csrf)
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
CVE-2018-11501
The CVE-2018-11501 entry concerns PHP Scripts Mall Website Seller Script 2.0.3, where a CSRF flaw in user_submit.php?upd=2 enables an XSS outcome. The connected records corroborate the same vulnerability description across multiple databases, including NVD, CVE List, CNVD, and others. According t...
CVE-2018-11501
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...
EasyService Billing 1.0 - Cross-Site Request Forgery
history.pushState'', '', '/' input type="hidden" nam...
EasyService Billing 1.0 - Cross-Site Request Forgery
EasyService Billing 1.0 - Cross-Site Request Forgery history.pushState'', '', '/' input typ...
Trusted-Directory Bypass via Path Traversal
if you enable secrity .$trusteddir is an array of all directories that are considered trusted. Trusted directories are where you keep php scripts that are executed directly from the templates . the attackers can use ../ to bypass the dir ,if they can editing the templates, they read any file they...
Match Clone Script 1.0.4 - Cross-Site Scripting
Match Clone Script 1.0.4 - Cross-Site Scripting Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho...
Match Clone Script 1.0.4 - Cross-Site Scripting
Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...
Match Clone Script 1.0.4 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4...
Match Clone Script 1.0.4 Cross Site Scripting
Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...
Cross site request forgery (csrf)
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
CVE-2018-6900
PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page...
CVE-2018-6934
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
Input validation
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code...
CVE-2018-6904
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...
Cross site scripting
Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature...
CVE-2018-6934
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...
CVE-2018-6934
The CVE-2018-6934 entry describes a CSRF vulnerability in the PHP Scripts Mall Online Tutoring Script 2.0.3, specifically affecting the student/personal-info component. The connected documents corroborate the issue across NVD and CVE listings, though they do not provide additional details on the ...
CVE-2018-6904
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...