Design/Logic Flaw
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter...
CVE-2018-5072
CVE-2018-5072 describes a Cross-Site Scripting (XSS) vulnerability in Online Ticket Booking, exploitable via the admin/sitesettings.php keyword parameter. Multiple connected records confirm the issue and describe the impact as XSS, with CVSS scores from NVD indicating low–medium severity (base sc...
CVE-2017-17940
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php...
CVE-2017-17939
The CVE-2017-17939 entry relates to PHP Scripts Mall Single Theater Booking and describes a Cross-Site Request Forgery (CSRF) vulnerability in the admin/sitesettings.php page. The affected software/component is PHP Scripts Mall Single Theater Booking; the underlying issue is CSRF that allows an a...
CVE-2017-17940
CVE-2017-17940 concerns PHP Scripts Mall Single Theater Booking. The issue is a cross-site scripting (XSS) vulnerability in the admin/sitesettings.php page caused by unsafely handling the title parameter. The exploit path is user-controlled input reflected in the title field, enabling an attacker...
Design/Logic Flaw
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter...
CVE-2017-17907
CVE-2017-17907 affects PHP Scripts Mall Car Rental Script and is an XSS vulnerability exploitable via the admin/areaedit.php?carid parameter or admin/sitesettings.php?websitename parameter. Public records describe reflected/stored XSS vectors in these parameters, enabling injecting HTML/JS conten...
CVE-2017-17905
Vulnerability: CVE-2017-17905 in PHP Scripts Mall Car Rental Script exhibits a Cross-Site Request Forgery (CSRF) through admin/sitesettings.php. Root cause: CSRF flaw allowing unauthorized state-changing requests via the affected admin interface. Impact (as stated): partial to high confidentialit...