Skip to main content

Advanced Real Estate Script

11 CVEs product

Monthly

CVE-2018-15189 MEDIUM POC This Month

PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-15188 MEDIUM POC This Month

PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow PHP Advanced Real Estate Script
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2018-15187 HIGH POC This Week

PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Advanced Real Estate Script
NVD
CVSS 3.0
8.0
EPSS
0.5%
CVE-2018-5078 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5077 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5076 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5075 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5074 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5073 MEDIUM POC This Month

Online Ticket Booking has CSRF via admin/movieedit.php. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-5072 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2017-17603 CRITICAL POC Act Now

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Advanced Real Estate Script
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.5%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow PHP +1
NVD
EPSS 0% CVSS 8.0
HIGH POC This Week

PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Advanced Real Estate Script
NVD
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Online Ticket Booking has CSRF via admin/movieedit.php. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Advanced Real Estate Script
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Advanced Real Estate Script
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy