Advanced Real Estate Script Project Advanced Real Estate Script vulnerabilities
6 known vulnerabilities affecting advanced_real_estate_script_project/advanced_real_estate_script.
Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2017-17603P3CRITICALCVSS 9.8PoCv4.0.72017-12-13
CVE-2017-17603 [CRITICAL] CWE-89 CVE-2017-17603: Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_typ
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
nvd
CVE-2019-20337P3HIGHCVSS 7.2v4.0.92020-01-05
CVE-2019-20337 [HIGH] CWE-89 CVE-2019-20337: In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulner
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
nvd
CVE-2018-15187P4HIGHCVSS 8.0v4.0.92018-08-10
CVE-2018-15187 [HIGH] CWE-352 CVE-2018-15187: PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
nvd
CVE-2018-15188P4MEDIUMCVSS 6.5v4.0.92018-08-10
CVE-2018-15188 [MEDIUM] CWE-119 CVE-2018-15188: PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of serv
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
nvd
CVE-2019-20336P4MEDIUMCVSS 6.1v4.0.92020-01-05
CVE-2019-20336 [MEDIUM] CWE-79 CVE-2019-20336: In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter i
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
nvd
CVE-2018-15189P4MEDIUMCVSS 5.4v4.0.92018-08-10
CVE-2018-15189 [MEDIUM] CWE-79 CVE-2018-15189: PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
nvd