CVE-2018-7650 in Hot Scripts Clone:Script Classifiedinfo

Summary

PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 Application is vulnerable to stored XSS within the "Add New" function for a Management User. Within the "Add New" section, the application does not sanitize user supplied input to the name parameter, and renders injected JavaScript code to the user's browser. This is different from CVE-2018-6878.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

03/02/2018

Disclosure

03/06/2018

Moderation

VulDB entry created

Entries

VDB-114142 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.1

EPSS

0.00235

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-7650
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-7650
CVE Details	https://www.cvedetails.com/cve/CVE-2018-7650/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!