Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
9.8CVSS
9.8AI Score
0.003EPSS
PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page.
5.4CVSS
5.3AI Score
0.001EPSS