CVE-2018-6845
MEDIUMPHP Scripts Mall Multi Language Olx Clone Script 2.0.6 - Stored Cross-Site Scripting via Leave Comment Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2018-6845. PoCs published by Varun Bagaria.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Multi Language Olx Clone Script version 2.0.6. The payload is injected via the comment section, executing arbitrary JavaScript when viewed by other users.
Description
PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field.
Exploits (1)
exploitdb
WORKING POC
by Varun Bagaria · textwebappsphp
https://www.exploit-db.com/exploits/44016
This exploit demonstrates a stored XSS vulnerability in Multi Language Olx Clone Script version 2.0.6. The payload is injected via the comment section, executing arbitrary JavaScript when viewed by other users.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Multi Language Olx Clone Script 2.0.6
Auth required
Prerequisites:
User registration · Authentication · Access to a listing with comments
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/44016
Scores
CVSS v3
6.1
EPSS
0.0253
EPSS Percentile
82.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
olx_clone_script_project/olx_clone_script
2.0.6
Published
Feb 12, 2018
Tracked Since
Feb 18, 2026