MidnightBSD

Advisories for muslim_matrimonial_script_project

CVE-2017-17639 HIGH

Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.02
CVE-2017-17981 LOW

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slider_edit.php edit_id parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17982 MEDIUM

PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17983 MEDIUM

PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17984 LOW

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_edit.php edit_id parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17985 LOW

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state_view.php cou_id parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17986 LOW

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17987 MEDIUM

PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload via admin/mydetails_edit.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3
CVE-2017-17988 LOW

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
muslim_matrimonial_script_project muslim_matrimonial_script 3.0.3