Realtyscripts

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2015-20121 HIGH POC This Week

SQL injection vulnerabilities in RealtyScript 4.0.2 allow unauthenticated remote attackers to manipulate database queries through vulnerable parameters in admin panel files (/admin/users.php and /admin/mailer.php). Attackers can extract sensitive database information using time-based blind SQL injection or cause denial of service. A public proof-of-concept exploit is available on Exploit-DB, though the vulnerability is not currently in CISA's KEV catalog.

Denial Of Service SQLi PHP Realtyscripts

NVD Exploit-DB VulDB

CVSS 3.1

8.2

EPSS

0.1%

CVE-2015-20121

EPSS 0% CVSS 8.2

HIGH POC This Week

SQL injection vulnerabilities in RealtyScript 4.0.2 allow unauthenticated remote attackers to manipulate database queries through vulnerable parameters in admin panel files (/admin/users.php and /admin/mailer.php). Attackers can extract sensitive database information using time-based blind SQL injection or cause denial of service. A public proof-of-concept exploit is available on Exploit-DB, though the vulnerability is not currently in CISA's KEV catalog.

Denial Of Service SQLi PHP +1

NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy