******************************************************************************************* # Exploit Title: PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section # Site Title : Rental Bike Script … Read more
******************************************************************************************* # Exploit Title: PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory. # Date: 30.12.2018 # Site … Read more
******************************************************************************************* # Exploit Title: PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar. # Site Title : Mall Image Sharing Script # Vendor Homepage: https://www.phpscriptsmall.com/ … Read more
******************************************************************************************* # Exploit Title: PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory. … Read more
******************************************************* # Exploit Title: PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php. # Date: 30.12.2018 # Site Title :Car Rental – Travel Booking Script … Read more
******************************************************* # Exploit Title: PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory. … Read more
************************************************ # Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.9 has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory. … Read more
************************************************** # Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field. # Date: 30.12.2018 # Site Title : B2B … Read more
*********************************************** # Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature. # Date: 30.12.2018 # Site Title : B2B Script … Read more
******************************************* # Exploit Title: PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ … Read more
********************************************** # Exploit Title: PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in … Read more
************************************************ # Exploit Title: PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. # Date: 30.12.2018 # Site Title : JOB … Read more