cbcvebase.

Advance B2B Script Project Advance B2B Script vulnerabilities

5 known vulnerabilities affecting advance_b2b_script_project/advance_b2b_script.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2017-17602P3CRITICALCVSS 9.8PoCv2.1.32017-12-13
CVE-2017-17602 [CRITICAL] CWE-89 CVE-2017-17602: Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.
nvd
CVE-2018-20633P4HIGHCVSS 8.8v2.1.42019-03-21
CVE-2018-20633 [HIGH] CWE-352 CVE-2018-20633: PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
nvd
CVE-2018-20634P4MEDIUMCVSS 6.5v2.1.42019-03-21
CVE-2018-20634 [MEDIUM] CWE-119 CVE-2018-20634: PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (chan PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (changed Page structure) via JavaScript code in the First Name field.
nvd
CVE-2018-20632P4MEDIUMCVSS 5.4v2.1.42019-03-21
CVE-2018-20632 [MEDIUM] CWE-79 CVE-2018-20632: PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME o PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field.
nvd
CVE-2018-20635P4MEDIUMCVSS 4.3v2.1.42019-03-21
CVE-2018-20635 [MEDIUM] CWE-22 CVE-2018-20635: PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
nvd
Advance B2B Script Project Advance B2B Script vulnerabilities | cvebase