MidnightBSD

Advisories for naukri_clone_script_project

CVE-2018-11514 MEDIUM

PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
naukri_clone_script_project naukri_clone_script *
CVE-2018-15184 LOW

PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
naukri_clone_script_project naukri_clone_script 3.0.4
CVE-2018-15185 MEDIUM

PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the "Current Position" field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
naukri_clone_script_project naukri_clone_script 3.0.4
CVE-2018-6795 LOW

PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every profile input field.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
naukri_clone_script_project naukri_clone_script 3.0.3