2 matches found
CVE-2013-5931
CVE-2013-5931 : A SQL injection vulnerability affects the Real Estate PHP Script in the file property_listings_detail.php via the listingid parameter. An attacker could remotely execute arbitrary SQL commands, as documented by the CVE description (CVSSv2 base score 7.5, HIGH). The connected recor...
CVE-2013-5930
CVE-2013-5930 affects the Real Estate PHP Script, specifically the search_residential.php endpoint. It is a cross-site scripting (XSS) vulnerability exploitable via the bos parameter, allowing remote attackers to inject arbitrary scripts/HTML. The NVD entry notes a CVSS v2 base score of 4.3 (Medi...