Vulnerability Details CVE-2021-25790
Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.5%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://www.exploit-db.com/exploits/49352
- https://www.sourcecodester.com
- https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html
- https://www.exploit-db.com/exploits/49352
- https://www.sourcecodester.com
- https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html
Products affected by CVE-2021-25790
-
House Rental And Property Listing Php Project » House Rental And Property Listing Php » Version: 1.0cpe:2.3:a:house_rental_and_property_listing_php_project:house_rental_and_property_listing_php:1.0