Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Website Seller Script Project Subscribe

Filtered by product Website Seller Script

Total 7 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-11501	1 Website Seller Script Project	1 Website Seller Script	2020-08-24	6.0 MEDIUM	8.8 HIGH
PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS.
CVE-2018-20631	1 Website Seller Script Project	1 Website Seller Script	2019-03-25	5.0 MEDIUM	5.3 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
CVE-2018-20530	1 Website Seller Script Project	1 Website Seller Script	2019-01-03	3.5 LOW	5.4 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.
CVE-2018-15897	1 Website Seller Script Project	1 Website Seller Script	2018-11-08	4.0 MEDIUM	6.5 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.
CVE-2018-15896	1 Website Seller Script Project	1 Website Seller Script	2018-10-31	3.5 LOW	5.4 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.
CVE-2018-6879	1 Website Seller Script Project	1 Website Seller Script	2018-05-16	4.0 MEDIUM	8.8 HIGH
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.
CVE-2018-6870	1 Website Seller Script Project	1 Website Seller Script	2018-05-11	4.3 MEDIUM	6.1 MEDIUM
Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature.