Website Seller Script Project: >> Website Seller Script >> 2.0.5 Security Vulnerabilities
PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
CVSS Score
5.3
EPSS Score
0.004
Published
2019-03-21
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-12-28
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-08-28
PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-08-28