65 matches found
CVE-2017-20272
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...
CVE-2017-20272 Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...
CVE-2017-20272
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...
CVE-2017-20272
CVE-2017-20272 affects Joomla Ultimate Property Listing 1.0.2. The vulnerability is an SQL injection in the sf_selectuser_id parameter that can be exploited by unauthenticated users via GET requests to index.php with option=com_upl and view=propertylisting. This allows extraction of sensitive DB ...
EUVD-2017-18999
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...
CVE-2026-1700 projectworlds House Rental and Property Listing sms.php cross site scripting
A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-1700 projectworlds House Rental and Property Listing sms.php cross site scripting
A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...
PT-2026-5428
Name of the Vulnerable Software and Affected Versions projectworlds House Rental and Property Listing version 1.0 Description A weakness exists in projectworlds House Rental and Property Listing 1.0, affecting unknown code within the /app/sms.php file. This allows for cross site scripting through...
CVE-2026-0643
A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2026-0642
A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-0643 projectworlds House Rental and Property Listing Signup register.php unrestricted upload
A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2026-0642 projectworlds House Rental and Property Listing complaint.php cross site scripting
A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-0642
Summary of CVE-2026-0642 : Affects projectworlds House Rental and Property Listing 1.0. The vulnerability arises from improper handling of the Name parameter in the file /app/complaint.php, enabling cross-site scripting. The attack can be launched remotely and the exploit is public. Multiple sour...
CVE-2026-0642 projectworlds House Rental and Property Listing complaint.php cross site scripting
A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
PT-2026-1524
Name of the Vulnerable Software and Affected Versions projectworlds House Rental and Property Listing version 1.0 Description A flaw exists in projectworlds House Rental and Property Listing that allows for cross site scripting. The issue is related to the processing of the /app/complaint.php fil...
CVE-2025-14530
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...
CVE-2025-14530 SourceCodester Real Estate Property Listing App property.php unrestricted upload
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...
EUVD-2025-202754
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...
CVE-2025-14530 SourceCodester Real Estate Property Listing App property.php unrestricted upload
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...
SourceCodester Real Estate Property Listing App 安全漏洞
SourceCodester Real Estate Property Listing App is an open source real estate listing application from SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester Real Estate Property Listing App, which stems from an incorrect manipulation of the parameter image in file...