Lucene search
K

118 matches found

OSV
OSV
added 2018/08/10 3:29 p.m.4 views

CVE-2018-15187

PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...

8CVSS5.8AI score0.00452EPSS
Exploits1References1
Prion
Prion
added 2018/08/10 3:29 p.m.21 views

Cross site request forgery (csrf)

PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...

6CVSS8AI score0.00452EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/08/10 3:29 p.m.27 views

CVE-2018-15187

PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...

8CVSS8AI score0.00452EPSS
Exploits1References1
OSV
OSV
added 2018/08/10 3:29 p.m.3 views

CVE-2018-15188

PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service page structure loss via crafted JavaScript code in the Name field of a profile...

6.5CVSS5.9AI score0.00938EPSS
Exploits1References1
Prion
Prion
added 2018/08/10 3:29 p.m.17 views

Design/Logic Flaw

PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile...

3.5CVSS5.3AI score0.00545EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/08/10 3:0 p.m.45 views

CVE-2018-15189

The CVE-2018-15189 issue affects PHP Scripts Mall advanced-real-estate-script, with a cross-site scripting (XSS) vulnerability exploitable via the Name field in a user profile. The root cause is insufficient input handling/sanitization of the Name field, enabling HTML injection. Public references...

5.4CVSS5.3AI score0.00545EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/08/10 3:0 p.m.22 views

CVE-2018-15188

PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service page structure loss via crafted JavaScript code in the Name field of a profile...

6.6AI score0.00938EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/09 12:0 a.m.3 views

PHP Scripts Mall Multilanguage Real Estate MLM Script Cross Site Scripting Vulnerability

PHP Scripts Mall Multilanguage Real Estate MLM Script is a set of real estate online sales website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Multilanguage Real Estate MLM Script version 3.0. The vulnerability can be exploited by a remote...

5.4CVSS6.5AI score0.00554EPSS
Exploits1References1
OSV
OSV
added 2018/02/07 9:29 p.m.5 views

CVE-2018-6796

PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field...

5.4CVSS5.8AI score0.00554EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.2 views

Online Ticket Booking Cross-Site Scripting Vulnerability

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00492EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.3 views

Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01216)

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00492EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.2 views

Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01214)

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00492EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.3 views

Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01211)

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00492EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.3 views

Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01215)

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00492EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.3 views

Online Ticket Booking Cross-Site Request Forgery Vulnerability

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site request forgery vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. An attacker can exploit this vulnerability to conduct a...

6.8CVSS7AI score0.00397EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/15 12:0 a.m.3 views

PHP Scripts Mall Advanced Real Estate Script SQL Injection Vulnerability

PHP Scripts Mall Advanced Real Estate Script is a set of PHP and MySQL based real estate website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Advanced Real Estate Script version 4.0.7. A remote attacker can inject SQL into the search-results.php fi...

9.8CVSS8.2AI score0.0305EPSS
Exploits1References1
OSV
OSV
added 2017/12/13 9:29 a.m.3 views

CVE-2017-17603

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...

9.8CVSS5.8AI score0.0305EPSS
Exploits1References2
NVD
NVD
added 2017/12/13 9:29 a.m.21 views

CVE-2017-17603

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...

9.8CVSS10AI score0.0305EPSS
Exploits1References2
Prion
Prion
added 2017/12/13 9:29 a.m.16 views

Sql injection

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...

7.5CVSS9.9AI score0.0305EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/12/13 9:0 a.m.48 views

CVE-2017-17603

CVE-2017-17603 affects Advanced Real Estate Script 4.0.7 (PHP/MySQL). The vulnerability is an SQL Injection in search-results.php exploitable via parameters projectmain, proj_type, searchtext, sell_price, or maxprice. According to NVD, CVSSv2/3 indicate high to critical impact (Base Scores 7.5/9....

9.8CVSS9.9AI score0.0305EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder