Advanced Real Estate Script Project: >> Advanced Real Estate Script >> 4.0.9 Security Vulnerabilities
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-01-05
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
CVSS Score
7.2
EPSS Score
0.003
Published
2020-01-05
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-08-10
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
CVSS Score
8.0
EPSS Score
0.001
Published
2018-08-10
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-08-10