Scubez: >> Posty Readymade Classifieds Security Vulnerabilities
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-12-13
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-12-13
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-12-13
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
CVSS Score
9.8
EPSS Score
0.177
Published
2017-12-11