PT-2019-10129 · Php Scripts Mall · Php Scripts Mall Advance B2B Script

Publicado

2019-03-20

Atualizado

2019-03-21

CVE-2018-20633

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: PHP Scripts Mall Advance B2B Script version 2.1.4

Description: The issue concerns a Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

Recommendations: For PHP Scripts Mall Advance B2B Script version 2.1.4, consider disabling the Edit Profile feature until a patch is available.

Exploit

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-20633

Php Scripts Mall Advance B2B Script