Vulnerabilities (CVE)

Filtered by vendor Scubez Subscribe
Filtered by product Posty Readymade Classifieds
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17569 1 Scubez 1 Posty Readymade Classifieds 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
CVE-2017-17568 1 Scubez 1 Posty Readymade Classifieds 2024-11-21 5.0 MEDIUM 7.5 HIGH
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.
CVE-2017-17567 1 Scubez 1 Posty Readymade Classifieds 2024-11-21 5.0 MEDIUM 7.5 HIGH
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
CVE-2017-17111 1 Scubez 1 Posty Readymade Classifieds 2024-11-21 7.5 HIGH 9.8 CRITICAL
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.