Lucene search
K

2027 matches found

Nuclei
Nuclei
added 17 hours ago52 views

JoomlaUX JUX Real Estate 3.4.0 - Reflected XSS

A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jpyearbuilt leads to cross...

6.1CVSS3.8AI score0.0097EPSS
Exploits2References3
Nuclei
Nuclei
added 17 hours ago51 views

WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting

WordPress Essential Real Estate plugin before 3.9.6 contains an authenticated cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters, which can allow someone with a role as low as admin to inject arbitrary script in the browser of an unsuspecting user in the...

5.4CVSS6.1AI score0.00869EPSS
Exploits2References5
Cvelist
Cvelist
added 2 days ago25 views

CVE-2026-14769 code-projects Real State Services pay.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2 days ago6 views

CVE-2026-14769

The CVE-2026-14769 entry concerns code-projects Real State Services 1.0. A vulnerability in processing the file /pay.php allows manipulation of the Bankname parameter that leads to a SQL injection. The issue appears to be exploitable remotely and public exploit details are available. Metrics indi...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago26 views

CVE-2026-14768 code-projects Real State Services builderHome.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2 days ago6 views

CVE-2026-14746

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...

7.5CVSS0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-14746 code-projects Real State Services addprojectrent.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2 days ago10 views

CVE-2026-14746

CVE-2026-14746 affects code-projects Real State Services 1.0. The vulnerability is in an unknown function of the file /addprojectrent.php, where manipulating the argument amen leads to SQL injection. Exploitation is possible remotely, and the exploit has been publicly disclosed (Exploit maturity:...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago25 views

CVE-2026-14745 code-projects Real State Services single-list_rent.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This impacts an unknown function of the file /single-listrent.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to t...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-14743 code-projects Real State Services normalHomeSale.php sql injection

A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might ...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 5 days ago4 views

CVE-2026-57343

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS0.00191EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-41343

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-57343 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-57343

CVE-2026-57343 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Real Estate 7 theme, affected

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Nuclei
Nuclei
added 6 days ago7 views

WordPress Realtyna Organic IDX Plugin <= 4.14.4 - SQL Injection

The Realtyna Organic IDX plugin plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 4.14.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

9.3CVSS5.8AI score0.0172EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/29 12:17 p.m.5 views

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

7.1CVSS5.8AI score0.00191EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/29 10:30 a.m.31 views

CVE-2026-13559 code-projects Real State Services single-list_sale.php add sql injection

A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-listsale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57641

Unauthenticated Cross Site Request Forgery CSRF in Real Estate 7 = 3.5.9 versions...

6.5CVSS0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-54827

Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...

9.3CVSS0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39756

Unauthenticated Cross Site Request Forgery CSRF in Real Estate 7 = 3.5.9 versions...

6.5CVSS5.8AI score0.00127EPSS
Exploits0References1
Rows per page
Query Builder