Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Chartered Accountant \ Subscribe
Filtered by product Auditor Website Project
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20636 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
CVE-2018-20638 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
CVE-2019-7553 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.
CVE-2018-20637 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.
CVE-2018-15186 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 6.8 MEDIUM 8.8 HIGH
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
CVE-2018-13256 1 Chartered Accountant \ 1 Auditor Website Project 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.