Medium severity5.4NVD Advisory· Published Dec 13, 2018· Updated Jun 17, 2026
CVE-2018-20138
CVE-2018-20138
Description
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 3.0.6
Patches
Vulnerability mechanics
References
1- suku90.wordpress.com/2018/12/13/php-b2b-script-stored-xss/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.