EUVD-2015-9409
Cross-site Scripting (XSS) (CWE-79)
2026-03-15
VulnCheck
6.1
CVSS 3.1
Share
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Lifecycle Timeline
4
PoC Detected
Mar 16, 2026 - 14:53 vuln.today
Public exploit code
EUVD ID Assigned
Mar 15, 2026 - 19:00 euvd
EUVD-2015-9409
Analysis Generated
Mar 15, 2026 - 19:00 vuln.today
CVE Published
Mar 15, 2026 - 18:34 nvd
MEDIUM 6.1
DescriptionNVD
Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads in vulnerable parameters to execute code in users' browser sessions within the context of the affected application.
AnalysisAI
A cross-site scripting vulnerability in Next Click Ventures RealtyScript 4.0.2 (CVSS 6.1) that allows attackers. Risk factors: public PoC available.
Technical ContextAI
CWE-79 (Cross-site Scripting). Affects Next Click Ventures RealtyScript 4.0.2.
RemediationAI
Monitor vendor channels for patch availability.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).