CVE-2018-6879

Published: Apr 12, 2018Modified: Jun 17, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.

Affected (1)

Products: Website Seller Script Project: Website Seller Script

Website Seller Script Project

1 product

Website Seller Script

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Website Seller Script Project Website Seller Script	Version 2.0.3

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://0day4u.wordpress.com/2018/03/12/website-seller-script-improper-validation-of-email-address/

Source: cve@mitre.org

ExploitThird Party Advisory

https://0day4u.wordpress.com/2018/03/12/website-seller-script-improper-validation-of-email-address/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.