CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

582 matches found

CVE•added 2019/03/20 7:21 p.m.•32 views

CVE-2018-20646

The CVE-2018-20646 entry concerns PHP Scripts Mall Basic B2B Script 2.0.9, where a directory traversal vulnerability allows listing of an image directory (e.g., uploads/) via a direct request. The vulnerability targets the image directory listing functionality; CVSS metrics indicate a Network att...

6.5CVSS6.5AI score0.00485EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:12 p.m.•13 views

CVE-2018-20645

PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field...

5.8AI score0.00206EPSS

Exploits1References1

CVE•added 2019/03/20 7:12 p.m.•35 views

CVE-2018-20645

Summary of CVE-2018-20645 : The vulnerability affects PHP Scripts Mall Basic B2B Script 2.0.9, with HTML injection possible through the First Name or Last Name fields. The initial disclosure lists a CVSS base score of 5.4 (Medium) on CVSS 3.0 and 3.5 (Low) on CVSS 2.0, indicating a moderate impac...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:9 p.m.•13 views

CVE-2018-20644

PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery CSRF via the Edit profile feature...

9AI score0.00141EPSS

Exploits1References1

Cvelist•added 2019/03/20 7:3 p.m.•17 views

CVE-2018-20642

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service outage of profile editing via crafted JavaScript code in the KeySkills field...

6.6AI score0.00539EPSS

Exploits1References1

CVE•added 2019/03/20 7:3 p.m.•37 views

CVE-2018-20642

CVE-2018-20642 affects PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1. The vulnerability is triggered by crafted JavaScript in the KeySkills field, causing a denial of service (outage of profile editing). Documents confirm the affected product and root cause (malformed input in KeySkills) ...

6.5CVSS6.5AI score0.00539EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 7:0 p.m.•12 views

CVE-2018-20641

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

9AI score0.00145EPSS

Exploits1References1

Cvelist•added 2019/03/20 6:58 p.m.•12 views

CVE-2018-20640

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting XSS via the Full Name field...

5.4AI score0.00206EPSS

Exploits1References1

CVE•added 2019/03/20 6:58 p.m.•40 views

CVE-2018-20640

The vulnerability described for CVE-2018-20640 affects the PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1. It is a stored Cross-Site Scripting (XSS) vulnerability triggered via the Full Name field, as indicated across multiple sources (NVD entry and mirrored records). The root cause detail...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 6:54 p.m.•10 views

CVE-2018-20639

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar...

6.6AI score0.0024EPSS

Exploits1References1

CVE•added 2019/03/20 6:54 p.m.•39 views

CVE-2018-20639

CVE-2018-20639 affects PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1, with an HTML injection vulnerability exploitable via the Search Bar. The connected sources consistently describe HTML injection in this product edition and do not provide specific exploit code, versions beyond 3.0.1, or...

6.1CVSS6.5AI score0.0024EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 6:49 p.m.•13 views

CVE-2018-20638

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

6.6AI score0.00355EPSS

Exploits1References1

CVE•added 2019/03/20 6:46 p.m.•41 views

CVE-2018-20637

CVE-2018-20637 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability allows remote attackers to cause a denial of service (unrecoverable blank profile) by sending crafted JavaScript in the First Name and Last Name fields. Documented impact per CVSS metrics shows...

6.5CVSS6.5AI score0.00516EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 6:43 p.m.•13 views

CVE-2018-20636

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field...

5.8AI score0.00206EPSS

Exploits1References1

CVE•added 2019/03/20 6:43 p.m.•36 views

CVE-2018-20636

CVE-2018-20636 affects PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1. The vulnerability is HTML injection via the First Name field. Public references confirm the product/version and injection class; CVSS v3.0 base score is 5.4 (MEDIUM) with network access and user interaction requ...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 6:40 p.m.•8 views

CVE-2018-20635

PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory...

4.8AI score0.00164EPSS

Exploits1References1

CVE•added 2019/03/20 6:35 p.m.•37 views

CVE-2018-20634

CVE-2018-20634 affects PHP Scripts Mall Advance B2B Script 2.1.4. The vulnerability allows a remote attacker to cause a denial of service by injecting JavaScript in the First Name field, leading to a changed page structure. The available documents do not provide the exploited vectors beyond this ...

6.5CVSS6.5AI score0.00539EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 6:20 p.m.•15 views

CVE-2018-20633

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery CSRF via the Edit Profile feature...

9AI score0.00141EPSS

Exploits1References1

CVE•added 2019/03/20 6:15 p.m.•40 views

CVE-2018-20632

CVE-2018-20632 concerns PHP Scripts Mall Advance B2B Script 2.1.4. The vulnerability is a stored Cross-Site Scripting (XSS) that can be triggered via the FIRST NAME or LAST NAME fields. The connected documents do not provide exploit details, status, or remediation, and no other affected component...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/20 4:38 p.m.•11 views

CVE-2018-20630

PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory...

5.4AI score0.0031EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by