Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
9.8CVSS
9.9AI Score
0.003EPSS
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
5.4CVSS
5.2AI Score
0.001EPSS
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541.
5.4CVSS
5.2AI Score
0.001EPSS