CVE-2025-5128

CVE-2025-5128 refers to ScriptAndTools Real-Estate-website-in-PHP v1.0. The issue is an SQL injection in the Admin Login Panel via the Password parameter in the /admin/ path, enabling remote exploitation. Public disclosure is noted, and vendor response is absent. Multiple connected sources corrob...

CVE-2025-9848

CVE-2025-9848 affects ScriptAndTools Real Estate Management System 1.0. The vulnerability resides in an unknown function within the file /admin/userlist.php, allowing manipulation that results in code execution after redirect. It can be exploited remotely and the exploit has been publicly disclos...

CVE-2025-6329

CVE-2025-6329 affects ScriptAndTools Real Estate Management System 1.0. The vulnerability lies in the User Delete Handler’s file userdelete.php, where manipulating the argument ID leads to an authorization bypass. Reports indicate remote initiation and public disclosure of the exploit. No officia...

CVE-2025-9847

ScriptAndTools Real Estate Management System 1.0 contains a vulnerability in the register.php file where manipulating the uimage parameter allows unrestricted file upload. The issue affects an unknown function in register.php and enables remote exploitation; public exploits have been reported. Th...