CVE-2019-7436 — CVSS 6.5 (medium): PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct request for a listing of an uploads directory.
CVE-2019-7437 — CVSS 6.1 (medium): PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting (XSS) via the Search field.
CVE-2019-7435 — CVSS 5.3 (medium): PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection via the Search Form.