Lucene search
K
Php Multivendor Ecommerce ProjectPhp Multivendor Ecommerce

11 matches found

CVE
CVE
added 2017/12/28 6:0 p.m.58 views

CVE-2017-17957

The CVE-2017-17957 vulnerability affects PHP Scripts Mall PHP Multivendor Ecommerce, where the my_wishlist.php fid parameter is susceptible to SQL injection. This issue enables an attacker to inject arbitrary SQL via the parameter, as reported in multiple feeds referencing a SQL injection flaw in...

9.8CVSS9.9AI score0.01161EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.54 views

CVE-2017-17960

The CVE-2017-17960 entry concerns PHP Scripts Mall PHP Multivendor Ecommerce and a CSRF vulnerability via admin/sellerupd.php. The connected records consistently identify a cross-site request forgery issue without detailing affected versions or root cause beyond the vulnerability type. Exploitati...

8.8CVSS8.7AI score0.00505EPSS
CVE
CVE
added 2017/12/13 9:0 a.m.53 views

CVE-2017-17624

CVE-2017-17624 affects PHP Multivendor Ecommerce 1.0. The vulnerability is a SQL Injection in the application, exploitable through unsanitized input in the file single_detail.php (sid parameter) or category.php (searchcat or chid1 parameter). The issue is documented across multiple sources as a S...

9.8CVSS9.9AI score0.0305EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.52 views

CVE-2017-17952

The CVE-2017-17952 entry concerns PHP Scripts Mall PHP Multivendor Ecommerce, where a predicable registration URL enables remote attackers to complete registrations using invalid or spoofed email addresses. Connected sources (Red Hat, CNVD, CNVD CNVD-2018, PRION, CVE lists, etc.) corroborate the ...

8.6CVSS8.5AI score0.01136EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.50 views

CVE-2017-17958

CVE-2017-17958 concerns PHP Scripts Mall’s PHP Multivendor Ecommerce platform, with a reported Cross-Site Scripting (XSS) vulnerability exploitable via the my_wishlist.php parameter fid . The connected documents consistently identify XSS as the issue; no details on a specific exploit vector, affe...

6.1CVSS6AI score0.00683EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.49 views

CVE-2017-17951

The CVE-2017-17951 entry concerns PHP Scripts Mall PHP Multivendor Ecommerce, with a documented SQL Injection vulnerability in the shopping-cart.php cusid parameter. The issue is a SQL injection in the cart flow likely due to improper handling of the cusid input in SQL queries (root cause: unsafe...

9.8CVSS9.9AI score0.01161EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.49 views

CVE-2017-17954

The vulnerability concerns PHP Scripts Mall PHP Multivendor Ecommerce. A cross-site scripting (XSS) flaw exists in the seller-view.php usid parameter. The available documents identify the affected software and the vulnerable parameter but do not provide details on root-cause specifics beyond XSS,...

6.1CVSS6AI score0.00683EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.49 views

CVE-2017-17956

CVE-2017-17956 affects PHP Scripts Mall PHP Multivendor Ecommerce with an XSS vulnerability via the admin/sellerupd.php companyname parameter. Connected sources (NVD, Red Hat, CNVD, CNVD, CVE list, PRION, CVELIST) corroborate a cross-site scripting issue; CVSS data (2.0/3.0) indicate MEDIUM sever...

6.1CVSS6AI score0.00683EPSS
Web
CVE
CVE
added 2017/12/28 6:0 p.m.49 views

CVE-2017-17959

The CVE-2017-17959 vulnerability affects PHP Scripts Mall PHP Multivendor Ecommerce and is caused by a SQL Injection in the seller-view.php usid parameter. The issue has publicly reported impact metrics: CVSS v2 base score 7.5 (HIGH) with network attack vector, low complexity, and partial confide...

9.8CVSS9.9AI score0.01161EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.46 views

CVE-2017-17953

The CVE-2017-17953 entry applies to PHP Scripts Mall PHP Multivendor Ecommerce. A cross-site scripting (XSS) vulnerability exists in the category.phpchid1 parameter, enabling script injection. This is the underlying issue described across multiple sources (NVD/Red Hat/CNVD/etc.). The exact impact...

6.1CVSS6AI score0.00683EPSS
CVE
CVE
added 2017/12/28 6:0 p.m.44 views

CVE-2017-17955

The CVE-2017-17955 entry concerns PHP Scripts Mall PHP Multivendor Ecommerce and is supported by multiple connected records showing an XSS vulnerability in the shopping-cart.php cusid parameter. The exploitable vector is a reflected/persistent cross-site scripting via that parameter, but explicit...

6.1CVSS6AI score0.00683EPSS