返回 CVE 瀏覽器

CVE-2017-17960

HIGH

8.8

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile38.83th

Published2017年12月28日

Last Modified2026年5月13日

Vulnerability Description

PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.

Affected Platforms (CPE)

📦

Php Multivendor Ecommerce Project

Php Multivendor Ecommerce

All versions

References & Advisories

🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md

🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md

相關漏洞威脅

CVE-2017-179579.8

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

CVE-2017-176249.8

PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 pa...

CVE-2017-179519.8

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.

CVE-2017-179599.8

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.