CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

CVE-2018-20636

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...

CVE-2018-20639

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar...

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

CVE-2018-20632

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting XSS via the FIRST NAME or LAST NAME field...

CVE-2018-20629

PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

CVE-2018-20631

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file...

Design/Logic Flaw

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

Directory traversal

PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

Input validation

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar...

Cross site request forgery (csrf)

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery CSRF via accountedit.php...

Cross site scripting

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting XSS via the Full Name field...

Cross site request forgery (csrf)

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

Directory traversal

PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory...

Path traversal

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file...

Code injection

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service unrecoverable blank profile via crafted JavaScript code in the First Name and Last Name field...

Cross site scripting

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting XSS via the FIRST NAME or LAST NAME field...

PHP Scripts Mall Advance B2B Script Directory Traversal Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based scripts for B2B business-to-business trading websites. PHP Scripts Mall Advance B2B Script 2.1.4 suffers from a directory traversal vulnerability, which can be exploited to achieve directory traversal by directly requesting an image...

PHP Scripts Mall Advance B2B Script Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based scripts for B2B business-to-business trading websites. PHP Scripts Mall Advance B2B Script 2.1.4 suffers from a cross-site request forgery vulnerability that can be exploited via the Edit Profile feature...

CVE-2019-7437

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting XSS via the Search field...