CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

5.3CVSS5.4AI score0.00191EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•8 views

CVE-2018-20635

PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

4.3CVSS4.8AI score0.00164EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•7 views

CVE-2018-20628

PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

7.5CVSS7.6AI score0.00561EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•7 views

CVE-2018-20630

PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

5.3CVSS5.4AI score0.0031EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•1 views

CVE-2018-20627

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•3 views

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

6.5CVSS5.8AI score0.00355EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•9 views

CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

8.8CVSS9AI score0.00141EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•6 views

CVE-2018-20627

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•3 views

CVE-2018-20631

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file...

5.3CVSS5.9AI score0.00366EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•1 views

CVE-2018-20632

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting XSS via the FIRST NAME or LAST NAME field...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

OSV•added 2019/03/21 4:0 p.m.•3 views

CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

8.8CVSS5.8AI score0.00141EPSS

Exploits1References1

NVD•added 2019/03/21 4:0 p.m.•7 views

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

6.5CVSS6.6AI score0.00355EPSS

Exploits1References1

Prion•added 2019/03/21 4:0 p.m.•15 views

Input validation

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar...

4.3CVSS6.5AI score0.0024EPSS

Exploits1References1Affected Software1

Prion•added 2019/03/21 4:0 p.m.•13 views

Code injection

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service unrecoverable blank profile via crafted JavaScript code in the First Name and Last Name field...

4CVSS6.5AI score0.00516EPSS

Exploits1References1

Prion•added 2019/03/21 4:0 p.m.•13 views

Cross site scripting

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting XSS via the Full Name field...

3.5CVSS5.3AI score0.00206EPSS

Exploits1References1Affected Software1

Prion•added 2019/03/21 4:0 p.m.•6 views

Design/Logic Flaw

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

3.5CVSS5.8AI score0.00206EPSS

Exploits1References1Affected Software1