Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Website seller script'
2019-03-21
CVE-2018-20631
CWE-22
PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
2018-12-28
CVE-2018-20530
CWE-79
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.
2018-08-28
CVE-2018-15897
CWE-119
PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.
CVE-2018-15896
CWE-79
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.
2018-05-26
CVE-2018-11501
CWE-352
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS.
2018-04-12
CVE-2018-6879
CWE-20
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.
CVE-2018-6870
CWE-79
Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature.
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Website seller script' 