Search Results | AttackerKB

Show filters

Topics 87 Users 9,733

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

87 Total Results

Displaying 51-60 of 87

Attacker Value

Unknown

CVE-2019-17604

Disclosure Date: November 07, 2019 (last updated November 27, 2024)

An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter).

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-9065

Disclosure Date: February 23, 2019 (last updated November 27, 2024)

PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount.

0

Attacker Value

Unknown

CVE-2017-17956

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter.

0

Attacker Value

Unknown

CVE-2017-17957

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

0

Attacker Value

Unknown

CVE-2017-17960

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.

0

Attacker Value

Unknown

CVE-2017-17959

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.

0

Attacker Value

Unknown

CVE-2017-17953

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter.

0

Attacker Value

Unknown

CVE-2017-17958

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter.

0

Attacker Value

Unknown

CVE-2017-17954

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter.

0

Attacker Value

Unknown

CVE-2017-17951

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.

0