advanced-real-estate-script
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15187 | Hig | 0.52 | 8.0 | 0.00 | Aug 10, 2018 | PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. | ||
| CVE-2019-20337 | Hig | 0.47 | 7.2 | 0.01 | Jan 5, 2020 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection. | ||
| CVE-2018-15188 | Med | 0.42 | 6.5 | 0.01 | Aug 10, 2018 | PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. | ||
| CVE-2019-20336 | Med | 0.40 | 6.1 | 0.01 | Jan 5, 2020 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS. | ||
| CVE-2018-15189 | Med | 0.35 | 5.4 | 0.01 | Aug 10, 2018 | PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile. |
- risk 0.52cvss 8.0epss 0.00
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
- risk 0.47cvss 7.2epss 0.01
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
- risk 0.42cvss 6.5epss 0.01
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
- risk 0.40cvss 6.1epss 0.01
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.