Advanced Real Estate Script

advanced_real_estate_script

Vendor: Advanced Real Estate Script Project • 13 CVEs

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-20337 1Advanced Real Estate Script Project 1Advanced Real Estate Script Jun 17, 2026 Jan 5, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
CVE-2019-20336 1Advanced Real Estate Script Project 1Advanced Real Estate Script Jun 17, 2026 Jan 5, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVE-2018-15189 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Aug 10, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
CVE-2018-15188 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Aug 10, 2018 N/A· v4 6.5 MEDIUM· v3 5.5 MEDIUM· v2 PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVE-2018-15187 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Aug 10, 2018 N/A· v4 8.0 HIGH· v3 6.0 MEDIUM· v2 PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
CVE-2018-5078 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
CVE-2018-5077 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
CVE-2018-5076 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
CVE-2018-5075 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
CVE-2018-5074 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
CVE-2018-5073 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 6.8 MEDIUM· v3 6.0 MEDIUM· v2 Online Ticket Booking has CSRF via admin/movieedit.php.
CVE-2018-5072 1Advanced Real Estate Script Project 1Advanced Real Estate Script Nov 21, 2024 Jan 3, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
CVE-2017-17603 1Advanced Real Estate Script Project 1Advanced Real Estate Script May 13, 2026 Dec 13, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.