CVE-2018-6903

Name of the Vulnerable Software and Affected Versions PHP Scripts Mall Hot Scripts Clone Script Classified version 3.1

Description The issue concerns the validation of an e-mail address, which is enforced on the client side. This allows remote attackers to modify a registered e-mail address by removing the validation code.

Recommendations For version 3.1, consider implementing server-side validation for e-mail addresses to prevent modification by remote attackers. As a temporary workaround, restrict the ability to modify registered e-mail addresses until a more secure validation mechanism is in place.