exploitDog

CVE-2018-20530

Опубликовано: 28 дек. 2018

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.

Ссылки

https://suku90.wordpress.com/2018/12/27/php-scripts-mall-website-seller-script-2-0-5-stored-and-reflected-xss/
Exploit
Third Party Advisory
https://suku90.wordpress.com/2018/12/27/php-scripts-mall-website-seller-script-2-0-5-stored-and-reflected-xss/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:website_seller_script_project:website_seller_script:2.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00206

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-j3qf-2j2h-7w5f

CVSS3: 5.4

github

больше 3 лет назад

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.

EPSS

Процентиль: 43%

0.00206

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79