CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19924

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2018-19924

Sales & Company Management System Project » Sales & Company Management System » Version: N/A

cpe:2.3:a:sales_&_company_management_system_project:sales_&_company_management_system:-
Sales & Company Management System Project » Sales & Company Management System » Version: 2018-06-06

cpe:2.3:a:sales_&_company_management_system_project:sales_&_company_management_system:2018-06-06
Sales & Company Management System Project » Sales & Company Management System » Version: 2018-12-05

cpe:2.3:a:sales_&_company_management_system_project:sales_&_company_management_system:2018-12-05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19924

Products

Pricing

Contact Us