Stored XSS Vulnerability in PHP Scripts Mall Multilanguage Real Estate MLM Script
CVE-2018-6796

5.4MEDIUM

Key Information:

Vendor: Multilanguage Real Estate Mlm Script Project
Status: Multilanguage Real Estate Mlm Script
Vendor: CVE Published:; 7 February 2018

🔔 Create Multilanguage Real Estate Mlm Script Project Vulnerability Alert

What is CVE-2018-6796?

The Multilanguage Real Estate MLM Script version 3.0 by PHP Scripts Mall contains a vulnerability that allows attackers to inject malicious scripts via any profile input field. This security flaw can be exploited to execute arbitrary JavaScript in the context of the user's browser, potentially leading to unauthorized actions and data theft.

References

https://exploit-db.com/exploits/43989/

exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2018
Vulnerability Reserved
Feb 6, 2018

CVE-2018-6796 Data

JSON