CVE – 60 Critical Vulnerabilities

CVE: The Common Vulnerabilities and Exposures system provides a reference method for publicly known information-security vulnerabilities and exposures. CVE is a list of records, each containing an identification number, a description, and at least one public reference, for publicly known cybersecurity vulnerabilities.

CVE Records are used in numerous cybersecurity products and services from around the world,
including the U.S. National Vulnerability Database.

I am Vikas Chaudhary, a Cyber Security Analyst and Penetration Tester, and I also work online as a bug bounty hunter. I have found so many vulnerabilities in websites, plugins, software, OSes, scripts, hardware, etc., and have also reported them. Some verified CVE IDs that were found and reported by me are listed below.

I would like to request that you please be careful if you are using these vulnerable products, because any hacker (attacker) can get full access over these products, so read the list once and check whether you are using these products.

Click on a link below to go directly:
59=> CVE-2019-14979-WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering
58=> CVE-2019-14978-WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter
57=> CVE-2019-14977-WooCommerce Instamojo Payment Gateway plugin 1.0.7 for WordPress allows Parameter Tampering
56=> CVE-2019-7441-WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering
55=> CVE-2019-7440-JioFi 4G M2S 1.0.2 jiofi devices have CSRF Vulnerability
54=> CVE-2019-7439-JioFi 4G M2S 1.0.2 jiofi devices allows a DoS (HangOver)
53=> CVE-2019-7438(XSS)-JioFi 4G M2S 1.0.2 jiofi devices has XSS Vulnerability
52=> CVE-2019-7438(HTML)-JioFi 4G M2S 1.0.2 jiofi devices has HTML injection
51=> CVE-2019-7437-PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting (XSS)
50=> CVE-2019-7436-PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal
49=> CVE-2019-7435-PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection
48=> CVE-2019-7434-PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal
47=> CVE-2019-7433-PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF)
46=> CVE-2019-7432-PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection
45=> CVE-2019-7431-PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal
44=> CVE-2019-7430-PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar
43=> CVE-2019-7429-PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal
42=> CVE-2018-20626-Consumer Reviews Script 4.0.3 has directory traversal
41=> CVE-2018-20627-Consumer Reviews Script 4.0.3 has HTML injection
40=> CVE-2018-20628-Charity Foundation Script 1 through 3 allows directory traversal
39=> CVE-2018-20629-Charity Donation Script readymadeb2bscript has directory traversal
38=> CVE-2018-20630-Advance Crowdfunding Script 2.0.3 has directory traversal
37=> CVE-2018-20631-Website Seller Script 2.0.5 allows full Path Disclosure
36=> CVE-2018-20632-Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS)
35=> CVE-2018-20633-Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF)
34=> CVE-2018-20634-Advance B2B Script 2.1.4-allows remote attackers to cause a denial of service
33=> CVE-2018-20635-Advance B2B Script 2.1.4 has Directory traversal
32=> CVE-2018-20636-Chartered Accountant : Auditor Website 2.0.1 has HTML injection
31=> CVE-2018-20637-Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service
30=> CVE-2018-20638-Chartered Accountant : Auditor Website 2.0.1 has directory traversal
29=> CVE-2018-20639-Entrepreneur Job Portal Script 3.0.1 has HTML injection
28=> CVE-2018-20640-Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS)
27=> CVE-2018-20641-Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF)
26=> CVE-2018-20642-Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service
25=> CVE-2018-20643-Entrepreneur Job Portal Script 3.0.1 has directory traversal
24=> CVE-2018-20644-Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF)
23=> CVE-2018-20645-Basic B2B Script 2.0.9 has HTML injection
22=> CVE-2018-20646-Basic B2B Script 2.0.9 has directory traversal
21=> CVE-2018-20647-Car Rental Script 2.0.8 has directory traversal
20=> CVE-2018-20648-Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF)
19=> CVE-2018-6870-Website Seller Script 2.0.5 has Reflected HTML injection Vulnerability
18=> CVE-2018-6904-Car Rental Script 2.0.8 has HTML injection Vulnerability
17=> CVE-2018-11501-Website Seller Script 2.0.5 has CSRF
16=> CVE-2018-15897-Website Seller Script 2.0.5 has HTML injection.
15=> CVE-2018-15896-Website Seller Script 2.0.5 has Stored XSS
14=> CVE-2018-15191-Hotel Booking Script 2.0.4 has Buffer Overflow Vulnerability
13=> CVE-2018-15190-Hotel Booking Script 2.0.4 has Stored XSS
12=> CVE-2018-15189-Advanced Real Estate Script 4.0.9 has Stored XSS
11=> CVE-2018-15188-Advanced Real Estate Script 4.0.9 has Buffer Overflow
10=> CVE-2018-15187-Advanced Real Estate Script 4.0.9 has CSRF
9=> CVE-2018-15186-Auditor Website 2.0.1 has CSRF
8=> CVE-2018-15185-Naukri / Shine / Jobsite Clone Script 3.0.4 has Buffer Overflow
7=> CVE-2018-15184-Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS
6=> CVE-2018-15183-Myperfectresume / JobHero / Resume Clone Script 2.0.6 has Stored XSS
5=> CVE-2018-15182-Car Rental Script 2.0.8 has Stored XSS
4=> CVE-2018-15181-JioFi 4G Hotspot M2S 150 Mbps Router has Buffer Overflow
3=> CVE-2018-14541-PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS
2=> CVE-2018-14082-Entrepreneur Job Portal Script 3.0.1- Reflected XSS
1=> CVE-2018-13256-PHP Scripts Mall Auditor Website 2.0.1 has Stored XSS

See me on Exploit DB => https://www.exploit-db.com/author/?a=9596

Find my Penetration Testing tools on Github => https://github.com/softaim/