{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-22T18:44:18.332","vulnerabilities":[{"cve":{"id":"CVE-2018-6903","sourceIdentifier":"cve@mitre.org","published":"2018-04-12T22:29:00.497","lastModified":"2026-06-17T02:02:25.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code."},{"lang":"es","value":"PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 emplea el lado del cliente para aplicar la validación de una dirección de email, lo que permite que atacantes remotos modifiquen una dirección de correo electrónico registrada eliminando el código de validación."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hot_scripts_clone_project:hot_scripts_clone:3.1:*:*:*:*:*:*:*","matchCriteriaId":"E585EAD7-FBD2-4F13-8DC3-48CCAEB1455B"}]}]}],"references":[{"url":"https://0day4u.wordpress.com/2018/03/12/hot-scripts-clone-script-classified-improper-validation-of-email-address/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://0day4u.wordpress.com/2018/03/12/hot-scripts-clone-script-classified-improper-validation-of-email-address/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}