582 matches found
CVE-2017-17929
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter...
CVE-2017-17925
PHP Scripts Mall Professional Service Script has XSS via the admin/generalsettingupd.php websitetitle parameter...
CVE-2017-17926
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...
CVE-2017-17924
The CVE-2017-17924 vulnerability affects PHP Scripts Mall Professional Service Script, enabling information disclosure: remote attackers can obtain sensitive full-path information via the id parameter in admin/review_userwise.php. Root cause is improper handling of the id parameter, leading to ex...
CVE-2017-17929
The CVE concerns PHP Scripts Mall Professional Service Script. Affected component: admin/bannerview.php with the view parameter vulnerable to XSS. This is described across multiple sources as a cross-site scripting vulnerability in the Professional Service Script, enabling script execution via th...
CVE-2017-17926
CVE-2017-17926 concerns the PHP Scripts Mall Professional Service Script, where a predictable registration URL enables remote attackers to create accounts using invalid or spoofed email addresses. The description across multiple connected documents consistently identifies the vulnerability as a p...
CVE-2017-17924
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/reviewuserwise.php...
CVE-2017-17930
The affected software is PHP Scripts Mall Professional Service Script. It contains a Cross-Site Request Forgery (CSRF) vulnerability exploitable via admin/general_settingupd.php, demonstrated by changing a setting in the user panel. The root cause and specific impact details are described across ...
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
CVE-2017-17930
PHP Scripts Mall Professional Service Script has CSRF via admin/generalsettingupd.php, as demonstrated by modifying a setting in the user panel...
CVE-2017-17927
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATHINFO to service-list/category/...
CVE-2017-17928
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...
CVE-2017-17928
The CVE-2017-17928 entry concerns PHP Scripts Mall Professional Service Script. It describes an SQL injection vulnerability in the admin/review.php endpoint triggered via the id parameter, allowing an attacker to manipulate queries. Connected CNVD/NVD records corroborate a SQL injection vulnerabi...
CVE-2017-17925
Summary: CVE-2017-17925 affects the PHP Scripts Mall Professional Service Script. The vulnerability is an XSS flaw in the admin/general_settingupd.php endpoint, specifically via the website_title parameter. This is documented across multiple sources (NVD and CNVD entries) as a cross-site scriptin...
PHP Scripts Mall Responsive Realestate Script Cross-Site Scripting Vulnerability
Responsive Realestate Script is a script for building real estate websites. A cross-site scripting vulnerability exists in PHP Scripts Mall Responsive Realestate Script. A remote attacker can inject arbitrary web script or HTML by sending the 'gplus' parameter to the admin/general.php file...
CVE-2017-17908
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...
CVE-2017-17909
PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter...
CVE-2017-17907
CVE-2017-17907 affects PHP Scripts Mall Car Rental Script and is an XSS vulnerability exploitable via the admin/areaedit.php?carid parameter or admin/sitesettings.php?websitename parameter. Public records describe reflected/stored XSS vectors in these parameters, enabling injecting HTML/JS conten...
CVE-2017-17906
PHP Scripts Mall Car Rental Script suffers an SQL Injection vulnerability in the admin/carlistedit.php carid parameter. The issue allows backend database manipulation, with high impact on confidentiality, integrity, and availability (CVSS v3.0 9.8). No remediation details are provided in the supp...
CVE-2017-17907
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...