6 matches found
CVE-2022-25399
CVE-2022-25399 affects Simple Real Estate Portal System v1.0, with a SQL injection vulnerability in the id parameter. The issue is documented with high/critical severity (CVSS v3.1: 9.8; network, no auth, UI NONE). No exploitation details or remediation are provided in the connected documents. Se...
CVE-2022-28029
CVE-2022-28029 affects Simple Real Estate Portal System v1.0. The vulnerability is a SQL injection in the endpoint /reps/classes/Master.php?f=delete_type, as reported across multiple trusted sources. The NVD entry lists high/critical impact (C/P/I/A) with network attack vector and no authenticati...
CVE-2022-28028
The CVE-2022-28028 entry concerns Simple Real Estate Portal System v1.0, which contains a SQL injection vulnerability in the parameter /reps/classes/Master.php?f=delete_amenity. Connected documents corroborate the issue across multiple sources, and CVSS v3.1 scores indicate a CRITICAL severity (9...
CVE-2022-28030
CVE-2022-28030 applies to Simple Real Estate Portal System v1.0. The vulnerability is a SQL injection via the endpoint /reps/classes/Master.php?f=delete_estate, affecting the app’s database interaction. The CVSS metrics indicate high to critical impact (CVSS‑2: Confidentiality/Integrity/Availabil...
CVE-2022-28410
The CVE-2022-28410 entry corresponds to a SQL injection in Simple Real Estate Portal System v1.0, exploitable via /reps/classes/Users.php?f=delete_agent. The connected documents confirm the affected software/component (Simple Real Estate Portal System v1.0) and the root cause (SQL injection). Exp...
CVE-2023-5805
CVE-2023-5805 corresponds to a SQL injection in SourceCodester Simple Real Estate Portal System 1.0, caused by unsafely handling the id parameter in view_estate.php. Exploitation can be remote and public disclosures exist. Affected component: view_estate.php (and variations in naming). Root cause...