CVE-2017-17928

The CVE-2017-17928 entry concerns PHP Scripts Mall Professional Service Script. It describes an SQL injection vulnerability in the admin/review.php endpoint triggered via the id parameter, allowing an attacker to manipulate queries. Connected CNVD/NVD records corroborate a SQL injection vulnerabi...

CVE-2017-17928

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...

PHP Scripts Mall Responsive Realestate Script Cross-Site Scripting Vulnerability

Responsive Realestate Script is a script for building real estate websites. A cross-site scripting vulnerability exists in PHP Scripts Mall Responsive Realestate Script. A remote attacker can inject arbitrary web script or HTML by sending the 'gplus' parameter to the admin/general.php file...

CVE-2017-17908

PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...

CVE-2017-17906

PHP Scripts Mall Car Rental Script suffers an SQL Injection vulnerability in the admin/carlistedit.php carid parameter. The issue allows backend database manipulation, with high impact on confidentiality, integrity, and availability (CVSS v3.0 9.8). No remediation details are provided in the supp...

CVE-2017-17907

CVE-2017-17907 affects PHP Scripts Mall Car Rental Script and is an XSS vulnerability exploitable via the admin/areaedit.php?carid parameter or admin/sitesettings.php?websitename parameter. Public records describe reflected/stored XSS vectors in these parameters, enabling injecting HTML/JS conten...

CVE-2017-17909

PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter...

CVE-2017-17907

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...

CVE-2017-17906

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter...

CVE-2017-17905

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php...

PHP Scripts Mall Readymade Video Sharing Script Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site request forgery vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can use the user-profile-edit.php file to...

PHP Scripts Mall Readymade Job Site Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Readymade Job Site Script is a PHP based job site script by PHP Scripts Mall India. The script includes features like job management, profile management and email notifications. A cross-site scripting vulnerability exists in PHP Scripts Mall Readymade Job Site Script. A remote...

PHP Scripts Mall Readymade Job Site Script Cross Site Request Forgery Vulnerability

PHP Scripts Mall Readymade Job Site Script is a PHP based job site script by PHP Scripts Mall India. The script includes features like job management, profile management and email notifications. A cross-site request forgery vulnerability exists in PHP Scripts Mall Readymade Job Site Script. A...

PHP Scripts Mall Readymade Video Sharing Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can send a 'search' parameter to the...

PHP Scripts Mall Readymade Video Sharing Script SQL Injection Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. The vulnerability can be exploited by a remote attacker to...

PHP Scripts Mall Opensource Classified Ads Script SQL Injection Vulnerability

PHP Scripts Mall Opensource Classified Ads Script is a set of PHP based classifieds posting website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Opensource Classified Ads Script version 3.2. A remote attacker can exploit this vulnerability by sending...

PHP Scripts Mall Food Order Script SQL Injection Vulnerability

PHP Scripts Mall Food Order Script is a set of PHP based online review and feedback scripts for hotels, restaurants by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Food Order Script version 1.0. A remote attacker can exploit this vulnerability by sending the...

PHP Scripts Mall Multivendor Penny Auction Clone Script SQL Injection Vulnerability

PHP Scripts Mall Multivendor Penny Auction Clone Script is a PHP based online auction website script from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Multivendor Penny Auction Clone Script version 1.0. A remote attacker can exploit this vulnerability to inject...

PHP Scripts Mall Responsive Events And Movie Ticket Booking Script SQL Injection Vulnerability

PHP Scripts Mall Responsive Events And Movie Ticket Booking Script is a PHP based online movie ticket booking script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Responsive Events And Movie Ticket Booking Script version 3.2.1. The vulnerability can be...

PHP Scripts Mall Responsive Realestate Script SQL Injection Vulnerability

PHP Scripts Mall Responsive Realestate Script is a PHP and MySQL based real estate sales website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Responsive Realestate Script version 3.2. A remote attacker can exploit this vulnerability by sending the...