CVE-2017-17953
https://notcve.org/view.php?id=CVE-2017-17953
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro chid1 en category.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17959
https://notcve.org/view.php?id=CVE-2017-17959
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene inyección SQL mediante el parámetro usid en seller-view.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-17951
https://notcve.org/view.php?id=CVE-2017-17951
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene inyección SQL mediante el parámetro cusid en shopping-cart.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-17954
https://notcve.org/view.php?id=CVE-2017-17954
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro usid en seller-view.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17960
https://notcve.org/view.php?id=CVE-2017-17960
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. PHP Scripts Mall PHP Multivendor Ecommerce contiene CSRF mediante admin/sellerupd.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-352: Cross-Site Request Forgery (CSRF) •