Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2026/03/15 6:34 p.m.19 views

CVE-2015-20121 RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters

Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'uid' in /admin/users.php and the POST parameter 'agent' in /admin/mailer.php. Attackers can...

8.8CVSS0.0027EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/15 6:34 p.m.1 views

CVE-2015-20121 RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters

Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'uid' in /admin/users.php and the POST parameter 'agent' in /admin/mailer.php. Attackers can...

8.8CVSS6.1AI score0.0027EPSS
Exploits1References3
CVE
CVEadded 2026/03/15 6:34 p.m.4 views

CVE-2015-20119

CVE-2015-20119 affects RealtyScript 4.0.2 (Next Click Ventures). It is a stored cross-site scripting vulnerability in the pages.php admin interface: an authenticated attacker can submit crafted iframe payloads via the text parameter to the add page action, storing malicious content that executes ...

6.4CVSS5.7AI score0.00042EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/15 6:34 p.m.1 views

CVE-2015-20114

Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads...

6AI score0.00055EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/15 6:34 p.m.0 views

CVE-2015-20113 RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

6.9CVSS5.7AI score0.00039EPSS
Exploits2References3
Packet Storm
Packet Stormadded 2015/10/19 12:0 a.m.19 views

RealtyScript 4.0.2 Cross Site Request Forgery / Cross Site Scripting

RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities Vendor: Next Click Ventures Product web page: http://www.realtyscript.com Affected version: 4.0.2 Summary: RealtyScript is award-winning real estate software that makes it effortless for a real estate agent, office, or...

7.4AI score
Exploits0
Rows per page
Query Builder