Posty Readymade Classifieds Security Vulnerabilities and Issues — Posty Readymade Classifieds CVE List

Lucene search

ScubezPosty Readymade Classifieds

4 matches found

CVE•added 2017/12/13 9:29 a.m.•46 views

CVE-2017-17567

Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.

7.5CVSS8AI score0.00251EPSS

CVE•added 2017/12/13 9:29 a.m.•44 views

CVE-2017-17568

Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

7.5CVSS7.3AI score0.00323EPSS

CVE•added 2017/12/13 9:29 a.m.•44 views

CVE-2017-17569

Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.

6.1CVSS6AI score0.0024EPSS

CVE•added 2017/12/11 5:29 p.m.•39 views

CVE-2017-17111

Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.

9.8CVSS9.5AI score0.17712EPSS