Filtered by vendor Chartered Accountant \
Subscribe
Filtered by product Auditor Website Project
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7553 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field. | |||||
CVE-2018-20638 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | |||||
CVE-2018-20637 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field. | |||||
CVE-2018-20636 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field. | |||||
CVE-2018-15186 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. | |||||
CVE-2018-13256 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter. |