Professional Service Script Security Vulnerabilities and Issues — Professional Service Script CVE List

Lucene search

OrdermanagementscriptProfessional Service Script

7 matches found

CVE•added 2017/12/27 5:8 p.m.•40 views

CVE-2017-17929

PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter.

4.8CVSS4.9AI score0.00235EPSS

CVE•added 2017/12/27 5:8 p.m.•39 views

CVE-2017-17924

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php.

5.3CVSS5.2AI score0.00248EPSS

CVE•added 2017/12/27 5:8 p.m.•38 views

CVE-2017-17925

PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter.

4.8CVSS5AI score0.00235EPSS

CVE•added 2017/12/27 5:8 p.m.•33 views

CVE-2017-17926

PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.

5.3CVSS5.4AI score0.00244EPSS

CVE•added 2017/12/27 5:8 p.m.•32 views

CVE-2017-17927

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/.

5.3CVSS5.1AI score0.00248EPSS

CVE•added 2017/12/27 5:8 p.m.•32 views

CVE-2017-17928

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

9.8CVSS9.8AI score0.0025EPSS

CVE•added 2017/12/27 5:8 p.m.•31 views

CVE-2017-17930

PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel.

8.8CVSS8.6AI score0.00134EPSS