CVE-2018-20642

{"id": "CVE-2018-20642", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-03-21T16:00:37.047", "references": [{"url": "https://gkaim.com/cve-2018-20642-vikas-chaudhary/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gkaim.com/cve-2018-20642-vikas-chaudhary/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field."}, {"lang": "es", "value": "PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 permite que los atacantes remotos provoquen una denegaci\u00f3n de servicio (corte de la edici\u00f3n del perfil) mediante c\u00f3digo JavaScript manipulado en el campo KeySkills."}], "lastModified": "2024-11-21T04:01:55.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:entrepreneur_job_portal_script_project:entrepreneur_job_portal_script:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D80D4D1-27D8-44E2-BCC9-A4823FD28357"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}