Php Scripts Mall · Php Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script · CVE-2019-6248
**Name of the Vulnerable Software and Affected Versions**
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script version 2.0.1
**Description**
The issue concerns a Reflected XSS vulnerability. It can be exploited via the `srch` parameter in the restaurants-details.php page.
**Recommendations**
For version 2.0.1, update the script to properly sanitize user input for the `srch` parameter to prevent XSS attacks. As a temporary workaround, consider restricting access to the restaurants-details.php page until a patch is available.