CVE-2018-6866

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

Cross site scripting

Cross Site Scripting XSS exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter...

CVE-2018-6867

Cross Site Scripting XSS exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter...

Cross site scripting

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

CVE-2018-6866

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

CVE-2018-6866

CVE-2018-6866 affects PHP Scripts Mall Learning and Examination Management System Script 2.3.1. The connected documents describe a Cross Site Scripting (XSS) vulnerability in the system, exploitable through a crafted message in the messaging feature. PoCs and exploits (e.g., Exploit-DB and 0day l...

CVE-2018-6867

Cross Site Scripting XSS exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter...

CVE-2018-6867

CVE-2018-6867 affects PHP Scripts Mall Alibaba Clone Script 1.0.2. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable via the profile parameter, as described in multiple sources and evidenced by PoC/exploit references (e.g., exploit-db, 0day.today, Packet Storm). Public writeups ...

CVE-2018-6868

Cross Site Scripting XSS exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter...

CVE-2018-6868

CVE-2018-6868 affects PHP Scripts Mall Slickdeals/DealNews/Groupon Clone Script 3.0.2. The issue is a Cross-Site Scripting vulnerability exposed via a User Profile Field parameter in the web app. PoC and multiple public exploits indicate a stored XSS vector, demonstrated in PoC examples (e.g., sc...

Remote code execution

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2015-2081

Datto ALTO and SIRIS devices are affected by CVE-2015-2081, allowing Remote Code Execution via unauthenticated requests to PHP scripts. This vulnerability is documented in the NVD entry for CVE-2015-2081, which lists Datto ALTO and SIRIS as the affected products and describes the attack as unauth...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

CVE-2018-6928 affects PHP Scripts Mall News Website Script 2.0.4, with a SQL Injection vulnerability in the search term parameter. Root cause is improper handling of user input allowing unauthorized SQL execution. Impact per sources is high: potential leakage of data, data alteration, and disrupt...

Remote code execution

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture...