54 matches found
Sql injection
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the searchvideo.php search parameter...
PHP Scripts Mall Readymade Job Site Script SQL Injection Vulnerability
PHP Scripts Mall Readymade Job Site Script is a PHP based job site script by PHP Scripts Mall India. The script includes features like job management, profile management and email notifications. A SQL injection vulnerability exists in PHP Scripts Mall Readymade Job Site Script. A remote attacker...
PHP Scripts Mall Readymade Video Sharing Script Cross-Site Request Forgery Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site request forgery vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can use the user-profile-edit.php file to...
CVE-2017-17896
CVE-2017-17896 affects Readymade Job Site Script with a cross-site scripting (XSS) vulnerability via the keyword parameter to the /job URI. The NVD entry reports a base score of 4.3 (CVSS2) and 6.1 (CVSS3), indicating that network access is required and user interaction is involved in a changed s...
CVE-2017-17894
CVE-2017-17894 affects the Readymade Job Site Script, with a CSRF flaw exploitable via the /job URI. Public sources (NVD/NVD-derived records) assign a CVSS‑3 base score of 8.8 (HIGH) and CVSS‑2 of 6.8 (MEDIUM), indicating network access required with user interaction typically needed (UI: REQUIRE...
CVE-2017-17895
CVE-2017-17895 affects Readymade Job Site Script (PHP Scripts Mall). The vulnerability is a SQL Injection via the location_name array parameter to the /job URI, caused by unsanitized input in the application. Documented impact includes high confidentiality, integrity, and availability risks (CVSS...
CVE-2017-17892
The CVE-2017-17892 entry refers to Readymade Video Sharing Script with an SQL Injection vulnerability exposed through viewsubs.php?chnlid and search_video.php?search. Multiple connected sources confirm this vulnerability exists in the Readymade Video Sharing Script and detail the injection vector...
CVE-2017-17891
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
CVE-2017-17893
Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...
CVE-2017-17894
Readymade Job Site Script has CSRF via the /job URI...
CVE-2017-17895
Readymade Job Site Script has SQL Injection via the locationname array parameter to the /job URI...
CVE-2017-17896
Readymade Job Site Script has XSS via the keyword parameter to the /job URI...
CVE-2017-17893
The following CVE concerns the Readymade Video Sharing Script (PHP Scripts Mall). It has a stored/reflected Cross‑Site Scripting (XSS) vulnerability exploitable via user input parameters: search_video.php using the search parameter, viewsubs.php using the chnlid parameter, and user-profile-edit.p...
CVE-2017-17891
CVE-2017-17891 affects Readymade Video Sharing Script. The vulnerability is a cross-site request forgery (CSRF) in the user-profile-edit.php endpoint. According to CNVD-2018-01938 and corroborating sources, a remote attacker can lure a logged‑in user to trigger changes to sensitive settings via t...
PHP Scripts Mall Readymade Video Sharing Script HTTP Injection Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. An HTML injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. An attacker can exploit this vulnerability to inject HTML co...
CVE-2017-17649
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...
CVE-2017-17649
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...
CVE-2017-17649
Readymade Video Sharing Script 3.2 is affected by an HTML Injection vulnerability in the single-video-detail.php comment parameter. The root cause is unvalidated input reflected into HTML, enabling injection of markup. Affected component: Readymade Video Sharing Script 3.2 (PHP Scripts Mall). Rep...
Posty Scubez Posty Readymade Classifieds Unauthorized Access Vulnerability
Posty Scubez Posty Readymade Classifieds is a suite of announcement-based website scripts from Posty India. A security vulnerability exists in Posty Scubez Posty Readymade Classifieds, which stems from the program's failure to perform proper access control on access to the...
Readymade Video Sharing Script 3.2 - HTML Injection
Readymade Video Sharing Script 3.2 - HTML Injection Exploit Title: Readymade Video Sharing Script 3.2 - HTML Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Demo:...