2 matches found
CVE-2018-6364
Vulnerability : Multilanguage Real Estate MLM Script (3.0 and earlier) has an SQL injection in the srch parameter of /product-list.php . Multiple sources (CNVD/NVD) describe remote, unauthenticated exploitation with high impact to confidentiality, integrity, and availability. CVSSv3.0 base score ...
CVE-2018-6796
CVE-2018-6796 affects the PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0. The connected CNVD/CNVD entries describe a Stored XSS vulnerability that can be triggered via arbitrary input fields on user profiles. The root cause is input fields not properly sanitizing or encoding data, allo...