Free Realty
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-4278 | 0.04 | — | 0.07 | Aug 13, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to… | |||
| CVE-2012-4279 | 0.03 | — | 0.02 | Aug 13, 2012 | Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php. | |||
| CVE-2010-1708 | 0.03 | — | 0.00 | May 4, 2010 | Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter). | |||
| CVE-2006-3165 | 0.00 | — | 0.01 | Jun 22, 2006 | SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter. | |||
| CVE-2006-3166 | 0.00 | — | 0.00 | Jun 22, 2006 | Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter. | |||
| CVE-2006-3167 | 0.00 | — | 0.00 | Jun 22, 2006 | Free Realty before 2.9 allows remote attackers to obtain the full path and other sensitive information via unspecified manipulations that produce an error message. |
- CVE-2012-4278Aug 13, 2012risk 0.04cvss —epss 0.07
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to…
- CVE-2012-4279Aug 13, 2012risk 0.03cvss —epss 0.02
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
- CVE-2010-1708May 4, 2010risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
- CVE-2006-3165Jun 22, 2006risk 0.00cvss —epss 0.01
SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter.
- CVE-2006-3166Jun 22, 2006risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter.
- CVE-2006-3167Jun 22, 2006risk 0.00cvss —epss 0.00
Free Realty before 2.9 allows remote attackers to obtain the full path and other sensitive information via unspecified manipulations that produce an error message.