MidnightBSD

Advisories for fortunescripts

CVE-2017-17573 HIGH

FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fortunescripts ebay_clone 1.0
CVE-2017-17903 MEDIUM

FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
fortunescripts lynda_clone 1.0
CVE-2017-17904 LOW

FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the edit_profile_first_name parameter to user/edit_profile.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fortunescripts lynda_clone 1.0