Cross site request forgery (csrf)

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery CSRF via accountedit.php...

CVE-2018-20647

The CVE-2018-20647 entry concerns PHP Scripts Mall Car Rental Script 2.0.8, where a directory-traversal vulnerability exists in the handling of image directories (e.g., images/). The connected records confirm the affected product and the vulnerable component/behavior, but do not provide exploitat...

CVE-2018-6904

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action...

Sql injection

Basic B2B Script 2.0.8 has SQL Injection via the productdetails.php id parameter...

CVE-2017-17600

Basic B2B Script 2.0.8 has SQL Injection via the productdetails.php id parameter...

CVE-2017-17600

CVE-2017-17600 affects Basic B2B Script 2.0.8, with a SQL Injection vulnerability via the id parameter in product_details.php. The root cause is unsafe handling of the id input that enables injection of SQL commands. This vulnerability has a high impact in CVSS terms (confidentiality, integrity, ...

Basic B2B Script 2.0.8 SQL Injection

Exploit Title: Basic B2B Script 2.0.8 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/professional-b2b-script/ Version: 2.0.8 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author...

Basic B2B Script 2.0.8 - product_details.php?id SQL Injection

Basic B2B Script 2.0.8 - productdetails.php?id SQL Injection Exploit Title: Basic B2B Script 2.0.8 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/professional-b2b-script/ Version: 2.0.8 Category:...