Lucene search
K

2032 matches found

Nuclei
Nuclei
added yesterday64 views

WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting

WordPress Essential Real Estate plugin before 3.9.6 contains an authenticated cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters, which can allow someone with a role as low as admin to inject arbitrary script in the browser of an unsuspecting user in the...

5.4CVSS6.2AI score0.00869EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday56 views

JoomlaUX JUX Real Estate 3.4.0 - Reflected XSS

A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jpyearbuilt leads to cross...

6.1CVSS4.3AI score0.0097EPSS
Exploits2References3
NVD
NVD
added 2 days ago3 views

CVE-2026-57398

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue affects Real Estate Manager Pro: from n/a through = 12.8.3...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-57398 WordPress Real Estate Manager Pro plugin <= 12.8.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue affects Real Estate Manager Pro: from n/a through = 12.8.3...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-57398

CVE-2026-57398 : WordPress Real Estate Manager Pro plugin (

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-57709

Name of the Vulnerable Software and Affected Versions Real Estate Manager Pro versions prior to 12.8.4 Description Improper neutralization of input during web page generation allows for Reflected Cross-site Scripting XSS, a flaw where an application includes untrusted data in a web page without...

7.1CVSS6.2AI score0.0018EPSS
Exploits0References3
Patchstack
Patchstack
added last week5 views

WordPress Real Estate Manager Pro plugin <= 12.8.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by dutafi in WordPress Plugin Real Estate Manager Pro versions = 12.8.3...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/07/05 8:15 p.m.26 views

CVE-2026-14769 code-projects Real State Services pay.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 8:15 p.m.10 views

CVE-2026-14769

The CVE-2026-14769 entry concerns code-projects Real State Services 1.0. A vulnerability in processing the file /pay.php allows manipulation of the Bankname parameter that leads to a SQL injection. The issue appears to be exploitable remotely and public exploit details are available. Metrics indi...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 8:0 p.m.27 views

CVE-2026-14768 code-projects Real State Services builderHome.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 12:17 p.m.8 views

CVE-2026-14746

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...

7.5CVSS0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 11:45 a.m.30 views

CVE-2026-14746 code-projects Real State Services addprojectrent.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 11:45 a.m.18 views

CVE-2026-14746

CVE-2026-14746 affects code-projects Real State Services 1.0. The vulnerability is in an unknown function of the file /addprojectrent.php, where manipulating the argument amen leads to SQL injection. Exploitation is possible remotely, and the exploit has been publicly disclosed (Exploit maturity:...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 11:30 a.m.28 views

CVE-2026-14745 code-projects Real State Services single-list_rent.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This impacts an unknown function of the file /single-listrent.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to t...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 11:0 a.m.38 views

CVE-2026-14743 code-projects Real State Services normalHomeSale.php sql injection

A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might ...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/07/02 12:17 p.m.5 views

CVE-2026-57343

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.36 views

CVE-2026-57343 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 11:15 a.m.6 views

EUVD-2026-41343

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57343

CVE-2026-57343 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Real Estate 7 theme, affected

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/07/01 3:36 a.m.9 views

WordPress Realtyna Organic IDX Plugin <= 4.14.4 - SQL Injection

The Realtyna Organic IDX plugin plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 4.14.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

9.3CVSS5.8AI score0.0172EPSS
Exploits0References2
Rows per page
Query Builder