4.8CVSS
4.9AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
6.8CVSS
6.7AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
4.8CVSS
4.9AI Score
0.001EPSS
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) codelib/cfg/common.inc.php, (2)...
7.3AI Score
0.005EPSS
SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid...
8.8AI Score
0.001EPSS
A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be...
9.8CVSS
9.7AI Score
0.005EPSS
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to...
6.1CVSS
6.3AI Score
0.001EPSS
PHP Scripts Mall Open Source Real-estate Script 3.6.2 allows remote attackers to list the wp-content/themes/template_dp_dec2015/img...
5.3CVSS
5.4AI Score
0.003EPSS
5.4CVSS
5.3AI Score
0.001EPSS
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a...
6.5CVSS
6.5AI Score
0.001EPSS
8CVSS
7.9AI Score
0.001EPSS
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input...
5.4CVSS
5.2AI Score
0.0005EPSS
SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch...
9.8CVSS
9.8AI Score
0.002EPSS
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice...
9.8CVSS
9.9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in search_residential.php in Real Estate PHP Script allows remote attackers to inject arbitrary web script or HTML via the bos...
5.9AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in findagent.php in MYRE Real Estate Software allow remote attackers to inject arbitrary web script or HTML via the (1) country1, (2) state1, or (3) city1...
5.9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the id...
5.4AI Score
0.001EPSS
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are...
7.4AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2)...
5.8AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in index.php in Real Estate Manager 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. NOTE: some of these details are obtained from third party...
5.7AI Score
0.002EPSS
Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
6.2AI Score
0.002EPSS
SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings...
8.4AI Score
0.001EPSS
SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID...
8.4AI Score
0.001EPSS
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password...
8.3AI Score
0.01EPSS