Chartered Accountant : Security Vulnerabilities
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-06-06
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-03-21
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-03-21
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-08-10
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-07-09