3 matches found
CVE-2019-20336
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVE-2018-15188
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVE-2018-5073
Online Ticket Booking has CSRF via admin/movieedit.php.