VYPR
Vendor

Phpstore

Products
10
CVEs
13
Across products
16
Status
Private

Products

10

Recent CVEs

13
  • CVE-2025-2126Mar 9, 2025
    risk 0.03cvss epss 0.09

    A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties of the component GET Parameter Handler. The…

  • CVE-2009-4478Dec 30, 2009
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.

  • CVE-2009-4477Dec 30, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.

  • CVE-2008-6931Aug 11, 2009
    risk 0.03cvss epss 0.03

    Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in…

  • CVE-2008-6930Aug 11, 2009
    risk 0.03cvss epss 0.03

    Unrestricted file upload vulnerability in PHPStore Real Estate allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in realty/re_images/.

  • CVE-2008-6929Aug 11, 2009
    risk 0.03cvss epss 0.03

    Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in cars/cars_images/.

  • CVE-2008-6928Aug 11, 2009
    risk 0.03cvss epss 0.03

    Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in classifieds1/yellow_images/.

  • CVE-2008-5493Dec 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-5490Dec 12, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2008-4674Oct 22, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode.

  • CVE-2008-2904Jun 30, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.

  • CVE-2025-2714Mar 24, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /extensions/realestate/index.php/agents/agent-register/addagent. The manipulation of the argument plan_id leads to…

  • CVE-2025-2127Mar 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument…