Search Results | AttackerKB

6 Total Results

Displaying 1-6 of 6

Attacker Value

Unknown

CVE-2019-7553

Disclosure Date: June 06, 2019 (last updated November 27, 2024)

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.

Attacker Value

Unknown

CVE-2018-20637

Disclosure Date: March 21, 2019 (last updated November 27, 2024)

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.

Attacker Value

Unknown

CVE-2018-20638

Disclosure Date: March 21, 2019 (last updated November 27, 2024)

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.

Attacker Value

Unknown

CVE-2018-20636

Disclosure Date: March 21, 2019 (last updated November 27, 2024)

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.

Attacker Value

Unknown

CVE-2018-15186

Disclosure Date: August 10, 2018 (last updated November 27, 2024)

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.

Attacker Value

Unknown

CVE-2018-13256

Disclosure Date: July 09, 2018 (last updated November 27, 2024)

PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.

Attack Vector: Network Privileges: None User Interaction: Required

6 Total Results

Displaying 1-6 of 6

Unknown

CVE-2019-7553

Unknown

CVE-2018-20637

Unknown

CVE-2018-20638

Unknown

CVE-2018-20636

Unknown

CVE-2018-15186

Unknown

CVE-2018-13256

Quick Cookie Notification