Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-9047PUBLISHED: 2019-02-23GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
CVE-2019-9062PUBLISHED: 2019-02-23PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php.
CVE-2019-9063PUBLISHED: 2019-02-23PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount.
CVE-2019-9064PUBLISHED: 2019-02-23PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.
CVE-2019-9065PUBLISHED: 2019-02-23PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount.