Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-17568 | 1 Scubez | 1 Posty Readymade Classifieds | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request. | |||||
CVE-2017-17111 | 1 Scubez | 1 Posty Readymade Classifieds | 2017-12-22 | 7.5 HIGH | 9.8 CRITICAL |
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request. | |||||
CVE-2017-17567 | 1 Scubez | 1 Posty Readymade Classifieds | 2017-12-22 | 5.0 MEDIUM | 7.5 HIGH |
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter. | |||||
CVE-2017-17569 | 1 Scubez | 1 Posty Readymade Classifieds | 2017-12-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter. |