Lucene search

Basic B2B Script Security Vulnerabilities

cve

CVE-2017-17600

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2017-12-13 09:29 AM

cve

CVE-2018-20644

PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.

8.8CVSS

8.8AI Score

0.001EPSS

2019-03-21 04:00 PM

cve

CVE-2018-20645

PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.

5.4CVSS

5.8AI Score

0.001EPSS

2019-03-21 04:00 PM

cve

CVE-2018-20646

PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.

6.5CVSS

6.5AI Score

0.001EPSS

2019-03-21 04:00 PM