118 matches found
CVE-2018-15187
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...
Cross site request forgery (csrf)
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...
CVE-2018-15187
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...
CVE-2018-15188
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service page structure loss via crafted JavaScript code in the Name field of a profile...
Design/Logic Flaw
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile...
CVE-2018-15189
The CVE-2018-15189 issue affects PHP Scripts Mall advanced-real-estate-script, with a cross-site scripting (XSS) vulnerability exploitable via the Name field in a user profile. The root cause is insufficient input handling/sanitization of the Name field, enabling HTML injection. Public references...
CVE-2018-15188
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service page structure loss via crafted JavaScript code in the Name field of a profile...
PHP Scripts Mall Multilanguage Real Estate MLM Script Cross Site Scripting Vulnerability
PHP Scripts Mall Multilanguage Real Estate MLM Script is a set of real estate online sales website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Multilanguage Real Estate MLM Script version 3.0. The vulnerability can be exploited by a remote...
CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field...
Online Ticket Booking Cross-Site Scripting Vulnerability
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01216)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01214)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01211)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Scripting Vulnerability (CNVD-2018-01215)
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...
Online Ticket Booking Cross-Site Request Forgery Vulnerability
Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site request forgery vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. An attacker can exploit this vulnerability to conduct a...
PHP Scripts Mall Advanced Real Estate Script SQL Injection Vulnerability
PHP Scripts Mall Advanced Real Estate Script is a set of PHP and MySQL based real estate website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Advanced Real Estate Script version 4.0.7. A remote attacker can inject SQL into the search-results.php fi...
CVE-2017-17603
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...
CVE-2017-17603
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...
Sql injection
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, projtype, searchtext, sellprice, or maxprice parameter...
CVE-2017-17603
CVE-2017-17603 affects Advanced Real Estate Script 4.0.7 (PHP/MySQL). The vulnerability is an SQL Injection in search-results.php exploitable via parameters projectmain, proj_type, searchtext, sell_price, or maxprice. According to NVD, CVSSv2/3 indicate high to critical impact (Base Scores 7.5/9....