CyberSec.Space Logo
Back to CVE Browser

CVE-2017-17927

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile37.55th
PublishedDec 27, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/.

Affected Platforms (CPE)

📦
Ordermanagementscript

Professional Service Script

All versions

References & Advisories

🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md
🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md

Related Vulnerabilities

CVE-2017-179289.8

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

CVE-2017-176259.8

Professional Service Script 1.0 has SQL Injection via the service-list city parameter.

CVE-2017-179308.8

PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in ...

CVE-2017-31805.4

Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly saniti...