22 matches found
CVE-2019-20337
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the newsedit.php newsid parameter is vulnerable to SQL Injection...
CVE-2019-20336
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS...
EUVD-2019-10889
Malware in sbrugna...
EUVD-2018-7066
Malware in sbrugna...
EUVD-2019-10890
Malware in sbrugna...
EUVD-2018-7068
Malware in sbrugna...
Readymade Real Estate Script SQL Injection / Cross Site Scripting Vulnerabilities
x========================================================================================================================================x | Title : Readymade Real Estate Script Blind SQL & XSS Vulnerabilities | Software : Advanced Real Estate Script | Vendor : http://www.i-netsolution.com/ | Dat...
PHP Scripts Mall advanced-real-estate-script cross-site scripting vulnerability
PHP Scripts Mall advanced-real-estate-script is a real estate website system script by PHP Scripts Mall India. A cross-site scripting vulnerability exists in the 'searchtext' parameter of the search-results.php file in PHP Scripts Mall advanced-real-estate-script version 4.0.9. The vulnerability...
CVE-2019-20337
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the newsedit.php newsid parameter is vulnerable to SQL Injection...
CVE-2019-20337
Summary: CVE-2019-20337 affects PHP Scripts Mall advanced-real-estate-script 4.0.9. The vulnerability is in news_edit.php, where the news_id parameter is vulnerable to SQL Injection. The root cause is improper input validation/sanitization of externally provided SQL statements. Reported impact in...
Cross site request forgery (csrf)
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...
CVE-2018-15188
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service page structure loss via crafted JavaScript code in the Name field of a profile...
CVE-2018-15189
The CVE-2018-15189 issue affects PHP Scripts Mall advanced-real-estate-script, with a cross-site scripting (XSS) vulnerability exploitable via the Name field in a user profile. The root cause is insufficient input handling/sanitization of the Name field, enabling HTML injection. Public references...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01214)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01215)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01216)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Request Forgery Vulnerability
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site request forgery vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. An attacker can exploit this vulnerability to conduct a...
CVE-2017-17603
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...
CVE-2017-17603
CVE-2017-17603 affects Advanced Real Estate Script 4.0.7 (PHP/MySQL). The vulnerability is an SQL Injection in search-results.php exploitable via parameters projectmain, proj_type, searchtext, sell_price, or maxprice. According to NVD, CVSSv2/3 indicate high to critical impact (Base Scores 7.5/9....