RSS   Vulnerabilities for 'Basic b2b script'   RSS

2019-03-21
 
CVE-2018-20646

CWE-22
 

 
PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.

 
 
CVE-2018-20645

CWE-74
 

 
PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.

 
 
CVE-2018-20644

CWE-352
 

 
PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.

 
2017-12-13
 
CVE-2017-17600

CWE-89
 

 
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top