Vulnerabilities > Website Broker Script Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-6900 | Cross-site Scripting vulnerability in Website Broker Script Project Website Broker Script 3.0.6 PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. | 3.5 |
| 2017-10-31 | CVE-2017-15992 | SQL Injection vulnerability in Website Broker Script Project Website Broker Script Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. | 7.5 |