CVE-2018-6867

Cross Site Scripting XSS exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter...

CVE-2018-6866

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

CVE-2018-6868

Cross Site Scripting XSS exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter...

CVE-2018-6866

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

CVE-2018-6866

Cross Site Scripting XSS exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message...

CVE-2018-6868

Cross Site Scripting XSS exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter...

CVE-2018-6868

CVE-2018-6868 affects PHP Scripts Mall Slickdeals/DealNews/Groupon Clone Script 3.0.2. The issue is a Cross-Site Scripting vulnerability exposed via a User Profile Field parameter in the web app. PoC and multiple public exploits indicate a stored XSS vector, demonstrated in PoC examples (e.g., sc...

CVE-2018-6867

CVE-2018-6867 affects PHP Scripts Mall Alibaba Clone Script 1.0.2. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable via the profile parameter, as described in multiple sources and evidenced by PoC/exploit references (e.g., exploit-db, 0day.today, Packet Storm). Public writeups ...

CVE-2018-6867

Cross Site Scripting XSS exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter...

CVE-2018-6866

CVE-2018-6866 affects PHP Scripts Mall Learning and Examination Management System Script 2.3.1. The connected documents describe a Cross Site Scripting (XSS) vulnerability in the system, exploitable through a crafted message in the messaging feature. PoCs and exploits (e.g., Exploit-DB and 0day l...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

Remote code execution

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2015-2081

Datto ALTO and SIRIS devices are affected by CVE-2015-2081, allowing Remote Code Execution via unauthenticated requests to PHP scripts. This vulnerability is documented in the NVD entry for CVE-2015-2081, which lists Datto ALTO and SIRIS as the affected products and describes the attack as unauth...

CVE-2015-2081

Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

CVE-2018-6928 affects PHP Scripts Mall News Website Script 2.0.4, with a SQL Injection vulnerability in the search term parameter. Root cause is improper handling of user input allowing unauthorized SQL execution. Impact per sources is high: potential leakage of data, data alteration, and disrupt...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

Sql injection

SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter...