CVE-2018-6845

MEDIUM

PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 - Stored Cross-Site Scripting via Leave Comment Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6845. PoCs published by Varun Bagaria.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Multi Language Olx Clone Script version 2.0.6. The payload is injected via the comment section, executing arbitrary JavaScript when viewed by other users.

Description

PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field.

Exploits (1)

exploitdb WORKING POC
by Varun Bagaria · textwebappsphp
https://www.exploit-db.com/exploits/44016

This exploit demonstrates a stored XSS vulnerability in Multi Language Olx Clone Script version 2.0.6. The payload is injected via the comment section, executing arbitrary JavaScript when viewed by other users.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Multi Language Olx Clone Script 2.0.6
Auth required
Prerequisites: User registration · Authentication · Access to a listing with comments
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44016

Scores

CVSS v3 6.1
EPSS 0.0253
EPSS Percentile 82.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
olx_clone_script_project/olx_clone_script 2.0.6
Published Feb 12, 2018
Tracked Since Feb 18, 2026