Naukri / Shine / Jobsite Clone Script
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11514 | Hig | 0.57 | 8.8 | 0.01 | May 28, 2018 | PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php. | ||
| CVE-2018-15185 | Med | 0.42 | 6.5 | 0.01 | Aug 10, 2018 | PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the "Current Position" field. | ||
| CVE-2018-15184 | Med | 0.35 | 5.4 | 0.01 | Aug 9, 2018 | PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795. | ||
| CVE-2018-6795 | Med | 0.35 | 5.4 | 0.01 | Feb 7, 2018 | PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every profile input field. |
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.
- risk 0.42cvss 6.5epss 0.01
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the "Current Position" field.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every profile input field.