Lucene search
+L

54 matches found

Prion
Prion
added 2017/12/27 5:8 p.m.15 views

Sql injection

Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the searchvideo.php search parameter...

7.5CVSS9.9AI score0.01161EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2017/12/25 12:0 a.m.7 views

PHP Scripts Mall Readymade Job Site Script SQL Injection Vulnerability

PHP Scripts Mall Readymade Job Site Script is a PHP based job site script by PHP Scripts Mall India. The script includes features like job management, profile management and email notifications. A SQL injection vulnerability exists in PHP Scripts Mall Readymade Job Site Script. A remote attacker...

9.8CVSS8AI score0.01161EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/25 12:0 a.m.4 views

PHP Scripts Mall Readymade Video Sharing Script Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site request forgery vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can use the user-profile-edit.php file to...

8.8CVSS6.8AI score0.00505EPSS
Exploits1References1
CVE
CVE
added 2017/12/24 6:0 p.m.51 views

CVE-2017-17896

CVE-2017-17896 affects Readymade Job Site Script with a cross-site scripting (XSS) vulnerability via the keyword parameter to the /job URI. The NVD entry reports a base score of 4.3 (CVSS2) and 6.1 (CVSS3), indicating that network access is required and user interaction is involved in a changed s...

6.1CVSS5.9AI score0.00683EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/12/24 6:0 p.m.51 views

CVE-2017-17894

CVE-2017-17894 affects the Readymade Job Site Script, with a CSRF flaw exploitable via the /job URI. Public sources (NVD/NVD-derived records) assign a CVSS‑3 base score of 8.8 (HIGH) and CVSS‑2 of 6.8 (MEDIUM), indicating network access required with user interaction typically needed (UI: REQUIRE...

8.8CVSS8.7AI score0.00505EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/12/24 6:0 p.m.51 views

CVE-2017-17895

CVE-2017-17895 affects Readymade Job Site Script (PHP Scripts Mall). The vulnerability is a SQL Injection via the location_name array parameter to the /job URI, caused by unsanitized input in the application. Documented impact includes high confidentiality, integrity, and availability risks (CVSS...

9.8CVSS9.8AI score0.01161EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/12/24 6:0 p.m.43 views

CVE-2017-17892

The CVE-2017-17892 entry refers to Readymade Video Sharing Script with an SQL Injection vulnerability exposed through viewsubs.php?chnlid and search_video.php?search. Multiple connected sources confirm this vulnerability exists in the Readymade Video Sharing Script and detail the injection vector...

9.8CVSS9.9AI score0.01161EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/12/24 6:0 p.m.27 views

CVE-2017-17891

Readymade Video Sharing Script has CSRF via user-profile-edit.php...

8.8AI score0.00505EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/24 6:0 p.m.23 views

CVE-2017-17893

Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...

6.1AI score0.00683EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/24 6:0 p.m.20 views

CVE-2017-17894

Readymade Job Site Script has CSRF via the /job URI...

8.8AI score0.00505EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/24 6:0 p.m.27 views

CVE-2017-17895

Readymade Job Site Script has SQL Injection via the locationname array parameter to the /job URI...

9.9AI score0.01161EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/24 6:0 p.m.17 views

CVE-2017-17896

Readymade Job Site Script has XSS via the keyword parameter to the /job URI...

6.1AI score0.00683EPSS
Exploits1References1
CVE
CVE
added 2017/12/24 6:0 p.m.47 views

CVE-2017-17893

The following CVE concerns the Readymade Video Sharing Script (PHP Scripts Mall). It has a stored/reflected Cross‑Site Scripting (XSS) vulnerability exploitable via user input parameters: search_video.php using the search parameter, viewsubs.php using the chnlid parameter, and user-profile-edit.p...

6.1CVSS6AI score0.00683EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/12/24 6:0 p.m.52 views

CVE-2017-17891

CVE-2017-17891 affects Readymade Video Sharing Script. The vulnerability is a cross-site request forgery (CSRF) in the user-profile-edit.php endpoint. According to CNVD-2018-01938 and corroborating sources, a remote attacker can lure a logged‑in user to trigger changes to sensitive settings via t...

8.8CVSS8.7AI score0.00505EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2017/12/20 12:0 a.m.5 views

PHP Scripts Mall Readymade Video Sharing Script HTTP Injection Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. An HTML injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. An attacker can exploit this vulnerability to inject HTML co...

6.1CVSS7.3AI score0.02506EPSS
Exploits5References1
NVD
NVD
added 2017/12/18 9:29 a.m.23 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...

6.1CVSS6.5AI score0.02506EPSS
Exploits5References2
OSV
OSV
added 2017/12/18 9:29 a.m.6 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...

6.1CVSS5.8AI score0.02506EPSS
Exploits5References2
CVE
CVE
added 2017/12/18 9:0 a.m.63 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 is affected by an HTML Injection vulnerability in the single-video-detail.php comment parameter. The root cause is unvalidated input reflected into HTML, enabling injection of markup. Affected component: Readymade Video Sharing Script 3.2 (PHP Scripts Mall). Rep...

6.1CVSS6.4AI score0.02506EPSS
Exploits5References2Affected Software1
CNVD
CNVD
added 2017/12/15 12:0 a.m.5 views

Posty Scubez Posty Readymade Classifieds Unauthorized Access Vulnerability

Posty Scubez Posty Readymade Classifieds is a suite of announcement-based website scripts from Posty India. A security vulnerability exists in Posty Scubez Posty Readymade Classifieds, which stems from the program's failure to perform proper access control on access to the...

7.5CVSS6.8AI score0.01384EPSS
Exploits1References1
exploitpack
exploitpack
added 2017/12/14 12:0 a.m.54 views

Readymade Video Sharing Script 3.2 - HTML Injection

Readymade Video Sharing Script 3.2 - HTML Injection Exploit Title: Readymade Video Sharing Script 3.2 - HTML Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Demo:...

4.3CVSS0.2AI score0.02506EPSS
Exploits5
Rows per page
Query Builder