Lucene search

[email protected]NVD:CVE-2018-14541

HistoryAug 04, 2018 - 1:29 a.m.

CVE-2018-14541

2018-08-0401:29:03

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

23.8%

JSON

PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.

Affected configurations

Nvd

Node

readymadeb2bscriptbasic_b2bMatch2.0.0

VendorProductVersionCPE
readymadeb2bscriptbasic_b2b2.0.0cpe:2.3:a:readymadeb2bscript:basic_b2b:2.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
readymadeb2bscript	basic_b2b	2.0.0	cpe:2.3:a:readymadeb2bscript:basic_b2b:2.0.0:::::::*

References

gkaim.com/cve-2018-14541-vikas-chaudhary/

www.exploit-db.com/exploits/45140/

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

23.8%

JSON

Related for NVD:CVE-2018-14541

prion2 cvelist2 zdt1 cve2 exploitdb1 packetstorm1 nvd1