PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
6.1CVSS
6AI Score
0.001EPSS
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
8.8CVSS
8.7AI Score
0.001EPSS
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
5.4CVSS
5.8AI Score
0.001EPSS
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.
6.5CVSS
6.5AI Score
0.001EPSS
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
6.5CVSS
6.5AI Score
0.001EPSS
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.
5.4CVSS
5.2AI Score
0.001EPSS