Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2018-13849

Published: 10/07/2018 Updated: 05/09/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Instagram-clone

Vulnerability Summary

edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

instagram-clone project instagram-clone

Exploits

Exploit DB: Instagram-Clone Script 2.0 - Cross-Site Scripting
# Exploit Title: Instagram-clone Script 20 - Cross-Site Scripting # Date: 2018-07-10 # Exploit Author: L0RD # Vendor Homepage: githubcom/yTakkar/Instagram-clone # Version: 20 # CVE: CVE-2018-13849 # Tested on: Kali linux # POC : Persistent Cross site scripting : # vulnerable file : edit_requestsphp # vulnerable code : if (isset($_POST ...
Exploit DB: Instagram Clone Script 2.0 Cross Site Scripting
Instagram Clone Script version 20 suffers from a cross site scripting vulnerability ...

References

CWE-79https://cxsecurity.com/issue/WLB-2018070095https://www.exploit-db.com/exploits/45003/https://nvd.nist.govhttps://www.exploit-db.com/exploits/45003/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook