Vulnerabilities for Basic b2b script (...) - CXSECURITY.COM

Vulnerabilities for 'Basic b2b script'

2019-03-21

CVE-2018-20646

CWE-22

PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.

CVE-2018-20645

CWE-74

PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.

CVE-2018-20644

CWE-352

PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.

2017-12-13

CVE-2017-17600

CWE-89

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

Copyright 2024, cxsecurity.com