19 matches found
CVE-2025-5583
CVE-2025-5583 affects CodeAstro Real Estate Management System 1.0, with an SQL injection in an unknown function of /register.php. The vulnerability allows remote exploitation and the exploit has been disclosed publicly. Multiple sources (NVD, Red Hat, CVE lists) concur on the existence of this SQ...
CVE-2025-5610
CodeAstro Real Estate Management System 1.0 contains a SQL injection vulnerability in the /submitpropertydelete.php file, caused by unsafely manipulating the ID parameter. The issue is exploitable remotely, with exploitation details disclosed publicly. Multiple sources corroborate the existence a...
CVE-2025-5582
CVE-2025-5582 affects CodeAstro Real Estate Management System 1.0. The vulnerability is a SQL injection in the /profile.php file caused by improper handling of the content parameter, enabling remote exploitation. Publicly disclosed exploit code exists; impact is aligned with high confidentiality/...
CVE-2025-5611
CodeAstro Real Estate Management System 1.0 is affected by CVE-2025-5611 due to SQL injection in /submitpropertyupdate.php caused by manipulation of the ID parameter. Exploitation can be remote; multiple sources note disclosure of exploits and public availability. The Connected documents do not p...
CVE-2024-1103
The CVE-2024-1103 entry concerns CodeAstro Real Estate Management System 1.0, affecting the file profile.php in the Feedback Form. The issue is a cross-site scripting vulnerability triggered by the input in the Your Feedback parameter (e.g., ), which can be exploited remotely. The exploit is publ...
CVE-2024-0543
The CVE-2024-0543 entry affects CodeAstro Real Estate Management System versions up to 1.0. The vulnerability is a SQL injection in the propertydetail.php file caused by manipulation of the pid argument. It can be exploited remotely and exploits have been publicly disclosed. Connected documents c...
CVE-2024-11058
CVE-2024-11058 affects CodeAstro Real Estate Management System up to version 1.0. The vulnerability is an SQL injection in the About Us Page component, caused by improper handling of the id parameter in the /aboutedit.php file. It can be exploited remotely and, per public disclosures, an exploit ...
CVE-2024-11000
CVE-2024-11000 affects CodeAstro Real Estate Management System 1.0, where the argument aimage in /aboutedit.php enables unrestricted file upload. The vulnerability targets an unknown functionality, can be exploited remotely, and public disclosure exists. Connected sources consistently describe an...
CVE-2024-10999
CodeAstro Real Estate Management System 1.0 is affected by CVE-2024-10999 via an unrestricted upload vulnerability in the About Us page file /aboutadd.php, caused by the aimage parameter. The issue allows remote exploitation and has been publicly disclosed. No official patch details are provided ...
CVE-2025-5581
CVE-2025-5581 affects CodeAstro Real Estate Management System 1.0. The vulnerable component is the /admin/index.php file, where manipulation of the User parameter leads to an SQL injection. The vulnerability is exploitable remotely and the exploit has been disclosed publicly. Multiple sources cor...
CVE-2025-5580
CodeAstro Real Estate Management System 1.0 contains a SQL injection vulnerability in the login flow, caused by improper handling of the email parameter in /login.php. The issue is exploitable remotely and has been publicly disclosed. Multiple independent sources (NVD/NVD-derived entries, Red Hat...
CVE-2025-9942
CVE-2025-9942 affects CodeAstro Real Estate Management System 1.0. The vulnerability is in an unknown function of the file /submitproperty.php, which allows unrestricted file uploads. The issue can be exploited remotely, and public disclosure exists. Practical impact is unrestricted uploads, pote...
CVE-2025-9940
CodeAstro Real Estate Management System 1.0 contains a cross-site scripting (XSS) vulnerability in the /feature.php file, caused by manipulation of the msg parameter. The issue can be triggered remotely and exploits are publicly available. Multiple sources (NVD, CVE listing, Red Hat, CNVD, PT Sec...
CVE-2025-9941
CVE-2025-9941 affects CodeAstro Real Estate Management System 1.0, with the vulnerability in /register.php caused by manipulation of the uimage parameter, leading to unrestricted file uploads. The issue can be exploited remotely, and public exploits have been published. The vulnerability is discu...
CVE-2025-9939
CodeAstro Real Estate Management System 1.0 is affected by a cross-site scripting (XSS) vulnerability in an unknown function of /propertyview.php where manipulation of the msg parameter enables remote exploitation. Multiple sources confirm the issue and that the exploit has been publicly disclose...
CVE-2025-14898
CVE-2025-14898 affects CodeAstro Real Estate Management System 1.0. In the file /admin/userbuilderdelete.php of the Administrator Endpoint , there is an input handling flaw that enables SQL injection . The issue is exploitable remotely and the exploit has been publicly released. The Red Hat/ENISA...
CVE-2025-14897
CVE-2025-14897 affects CodeAstro Real Estate Management System 1.0, with the vulnerability located in the Administrator Endpoint’s /admin/useragentdelete.php function. The issue enables SQL injection via parameter handling in that file, allowing remote initiation. Public exploit code exists, indi...
CVE-2025-14899
CodeAstro Real Estate Management System 1.0 has a SQL injection vulnerability in the Administrator Endpoint, specifically the /admin/stateadd.php file. The weakness is tied to an unknown function, and the manipulation can be performed remotely, with exploits publicly available. Multiple trusted s...
CVE-2025-14900
CodeAstro Real Estate Management System 1.0 is affected. The vulnerability is an SQL injection in the Administrator Endpoint, caused by manipulation of the ID parameter in /admin/userdelete.php. Exploitation can be remote and a public exploit exists. The root cause is improper handling of the ID ...