Basic B2B Script
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-20644 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature. | ||
| CVE-2018-20646 | Med | 0.42 | 6.5 | 0.02 | Mar 21, 2019 | PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory. | ||
| CVE-2018-20645 | Med | 0.35 | 5.4 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field. | ||
| CVE-2018-14541 | Med | 0.35 | 5.4 | 0.01 | Aug 4, 2018 | PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. |
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.
- risk 0.42cvss 6.5epss 0.02
PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.