1161 matches found
Sql injection
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...
Design/Logic Flaw
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...
Cross site request forgery (csrf)
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php...
Code injection
PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter...
Cross site request forgery (csrf)
PHP Scripts Mall Professional Service Script has CSRF via admin/generalsettingupd.php, as demonstrated by modifying a setting in the user panel...
Cross site request forgery (csrf)
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...
Code injection
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter...
Code injection
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...
CVE-2017-17929
The CVE concerns PHP Scripts Mall Professional Service Script. Affected component: admin/bannerview.php with the view parameter vulnerable to XSS. This is described across multiple sources as a cross-site scripting vulnerability in the Professional Service Script, enabling script execution via th...
CVE-2017-17929
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter...
CVE-2017-17925
PHP Scripts Mall Professional Service Script has XSS via the admin/generalsettingupd.php websitetitle parameter...
CVE-2017-17924
The CVE-2017-17924 vulnerability affects PHP Scripts Mall Professional Service Script, enabling information disclosure: remote attackers can obtain sensitive full-path information via the id parameter in admin/review_userwise.php. Root cause is improper handling of the id parameter, leading to ex...
CVE-2017-17926
CVE-2017-17926 concerns the PHP Scripts Mall Professional Service Script, where a predictable registration URL enables remote attackers to create accounts using invalid or spoofed email addresses. The description across multiple connected documents consistently identifies the vulnerability as a p...
CVE-2017-17926
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...
CVE-2017-17924
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/reviewuserwise.php...
CVE-2017-17930
The affected software is PHP Scripts Mall Professional Service Script. It contains a Cross-Site Request Forgery (CSRF) vulnerability exploitable via admin/general_settingupd.php, demonstrated by changing a setting in the user panel. The root cause and specific impact details are described across ...
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
CVE-2017-17927
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATHINFO to service-list/category/...
CVE-2017-17930
PHP Scripts Mall Professional Service Script has CSRF via admin/generalsettingupd.php, as demonstrated by modifying a setting in the user panel...
CVE-2017-17925
Summary: CVE-2017-17925 affects the PHP Scripts Mall Professional Service Script. The vulnerability is an XSS flaw in the admin/general_settingupd.php endpoint, specifically via the website_title parameter. This is documented across multiple sources (NVD and CNVD entries) as a cross-site scriptin...