CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6796
https://notcve.org/view.php?id=CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field. PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 tiene XSS persistente mediante cada campo de entrada de perfil. • https://exploit-db.com/exploits/43989 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-6364 – Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection
https://notcve.org/view.php?id=CVE-2018-6364
SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter. Existe inyección SQL en Multilanguage Real Estate MLM Script hasta la versión 3.0 mediante el parámetro srch en /product-list.php. • https://www.exploit-db.com/exploits/43917 https://packetstormsecurity.com/files/146130/Multilanguage-Real-Estate-MLM-Script-3.0-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •