CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-9604
https://notcve.org/view.php?id=CVE-2019-9604
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions. PHP Scripts Mall Online Lottery PHP Readymade Script, en su versión 1.7.0, tiene Cross-Site Request Forgery (CSRF) para acciones "Edit Profile". • https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-cross-site-request-forgery-csrf-for-edit-profile-actionscve-2019-9604 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2019-9605
https://notcve.org/view.php?id=CVE-2019-9605
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload. PHP Scripts Mall Online Lottery PHP Readymade Script, en su versión 1.7.0, tiene Cross-Site Scripting (XSS) reflejado mediante el valor "err" en una subida de fotografía ".ico". • https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-reflected-cross-site-scripting-xss-via-the-err-value-in-a-ico-picture-uploadcve-2019-9605 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •