Basic B2b Script Project: Security Vulnerabilities
PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-03-21
PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-03-21
PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-12-13