CVE-2017-17956
https://notcve.org/view.php?id=CVE-2017-17956
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro companyname en admin/sellerupd.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17957
https://notcve.org/view.php?id=CVE-2017-17957
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene inyección SQL mediante el parámetro fid en my_wishlist.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-17952
https://notcve.org/view.php?id=CVE-2017-17952
PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. PHP Scripts Mall PHP Multivendor Ecommerce contiene una URL de registro predecible que facilita a los atacantes remotos el registro con una dirección de correo electrónico suplantada o no válida. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-20: Improper Input Validation •
CVE-2017-17955
https://notcve.org/view.php?id=CVE-2017-17955
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro cusid en shopping-cart.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17958
https://notcve.org/view.php?id=CVE-2017-17958
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro fid en my_wishlist.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •