Keyone

3 exploits Active since May 2018
CVE-2018-11372 WRITEUP CRITICAL WRITEUP
iScripts eSwap 2.4 - SQL Injection via User Panel ToId Parameter
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter.
CVSS 9.8
CVE-2018-11373 WRITEUP CRITICAL WORKING POC
iScripts eSwap 2.4 - SQL Injection via User Panel ToId Parameter
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter.
CVSS 9.8
CVE-2018-11470 WRITEUP HIGH WRITEUP
iScripts eSwap 2.4 - SQL Injection via User Panel Search Told Parameter
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel.
CVSS 8.8