2 matches found
CVE-2018-6868
CVE-2018-6868 affects PHP Scripts Mall Slickdeals/DealNews/Groupon Clone Script 3.0.2. The issue is a Cross-Site Scripting vulnerability exposed via a User Profile Field parameter in the web app. PoC and multiple public exploits indicate a stored XSS vector, demonstrated in PoC examples (e.g., sc...
CVE-2017-17638
The CVE relates to Groupon Clone Script 3.01, where an SQL Injection vulnerability exists in city_ajax.php via the state_id parameter. Public references (Exploit-DB, Packet Storm) indicate a remote attacker could leverage this to inject SQL commands. The CVSS metrics indicate a high severity (AV:...