CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2018/05/28 2:0 p.m.•8 views

CVE-2018-11514

PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...

8.7AI score0.00381EPSS

NVD•added 2018/05/26 9:29 p.m.•13 views

CVE-2018-11501

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...

8.8CVSS8.8AI score0.00149EPSS

Exploits1References2

OSV•added 2018/05/26 9:29 p.m.•2 views

CVE-2018-11501

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...

8.8CVSS5.8AI score0.00149EPSS

Exploits1References2

Prion•added 2018/05/26 9:29 p.m.•15 views

Cross site request forgery (csrf)

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...

6CVSS8.7AI score0.00149EPSS

Exploits1References2Affected Software1

CVE•added 2018/05/26 9:0 p.m.•43 views

CVE-2018-11501

The CVE-2018-11501 entry concerns PHP Scripts Mall Website Seller Script 2.0.3, where a CSRF flaw in user_submit.php?upd=2 enables an XSS outcome. The connected records corroborate the same vulnerability description across multiple databases, including NVD, CVE List, CNVD, and others. According t...

8.8CVSS8.7AI score0.00149EPSS

Exploits1References2Affected Software1

exploitpack•added 2018/04/18 12:0 a.m.•28 views

Match Clone Script 1.0.4 - Cross-Site Scripting

Match Clone Script 1.0.4 - Cross-Site Scripting Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho...

4.3CVSS6.1AI score0.00296EPSS

Exploit DB•added 2018/04/18 12:0 a.m.•36 views

Match Clone Script 1.0.4 - Cross-Site Scripting

Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...

6.1CVSS6.3AI score0.00296EPSS

0day.today•added 2018/04/18 12:0 a.m.•22 views

Match Clone Script 1.0.4 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4...

0.1AI score0.00296EPSS

Packet Storm•added 2018/04/18 12:0 a.m.•32 views

Match Clone Script 1.0.4 Cross Site Scripting

6.4AI score0.00296EPSS

NVD•added 2018/04/12 10:29 p.m.•8 views

CVE-2018-6900

PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page...

5.4CVSS5.4AI score0.00206EPSS

NVD•added 2018/04/12 10:29 p.m.•8 views

CVE-2018-6934

CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...

8.8CVSS8.8AI score0.00138EPSS

Prion•added 2018/04/12 10:29 p.m.•14 views

Cross site request forgery (csrf)

CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...

6.8CVSS8.7AI score0.00138EPSS

Prion•added 2018/04/12 10:29 p.m.•10 views

Input validation

PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code...

4CVSS8.6AI score0.00285EPSS

Prion•added 2018/04/12 10:29 p.m.•11 views

Cross site scripting

Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature...

4.3CVSS6AI score0.0024EPSS

NVD•added 2018/04/12 10:29 p.m.•5 views

CVE-2018-6904

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...

5.4CVSS5.3AI score0.00206EPSS

OSV•added 2018/04/12 10:29 p.m.•1 views

CVE-2018-6934

CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3...

8.8CVSS5.8AI score0.00138EPSS

Cvelist•added 2018/04/12 10:0 p.m.•12 views

CVE-2018-6904

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...

5.3AI score0.00206EPSS

CVE•added 2018/04/12 10:0 p.m.•38 views

CVE-2018-6934

The CVE-2018-6934 entry describes a CSRF vulnerability in the PHP Scripts Mall Online Tutoring Script 2.0.3, specifically affecting the student/personal-info component. The connected documents corroborate the issue across NVD and CVE listings, though they do not provide additional details on the ...

8.8CVSS8.7AI score0.00138EPSS

CVE•added 2018/04/12 10:0 p.m.•36 views

CVE-2018-6870

The CVE-2018-6870 entry describes a Reflected XSS in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. Affected software is PHP Scripts Mall Website Seller Script 2.0.3; root cause identified as reflected XSS through the Listings Search parameter. No exploit details or...

6.1CVSS6AI score0.0024EPSS