MidnightBSD

Advisories for rental_bike_script_project

CVE-2019-7432 LOW

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
rental_bike_script_project rental_bike_script 2.0.3
CVE-2019-7433 MEDIUM

PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
rental_bike_script_project rental_bike_script 2.0.3
CVE-2019-7434 MEDIUM

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
rental_bike_script_project rental_bike_script 2.0.3