Advanced Real Estate Script Project: >> Advanced Real Estate Script Security Vulnerabilities
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-01-05
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
CVSS Score
7.2
EPSS Score
0.003
Published
2020-01-05
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-08-10
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
CVSS Score
8.0
EPSS Score
0.001
Published
2018-08-10
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-08-10
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has CSRF via admin/movieedit.php.
CVSS Score
6.8
EPSS Score
0.001
Published
2018-01-03
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Page 1