CVE-2017-17956
https://notcve.org/view.php?id=CVE-2017-17956
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro companyname en admin/sellerupd.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17957
https://notcve.org/view.php?id=CVE-2017-17957
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene inyección SQL mediante el parámetro fid en my_wishlist.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-17958
https://notcve.org/view.php?id=CVE-2017-17958
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene XSS mediante el parámetro fid en my_wishlist.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-17959
https://notcve.org/view.php?id=CVE-2017-17959
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. PHP Scripts Mall PHP Multivendor Ecommerce contiene inyección SQL mediante el parámetro usid en seller-view.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-17960
https://notcve.org/view.php?id=CVE-2017-17960
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. PHP Scripts Mall PHP Multivendor Ecommerce contiene CSRF mediante admin/sellerupd.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md • CWE-352: Cross-Site Request Forgery (CSRF) •