Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
real estate vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-5077
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
Advanced Real Estate Script Project Advanced Real Estate Script -
3.5
CVSSv2
CVE-2018-5078
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
Advanced Real Estate Script Project Advanced Real Estate Script -
3.5
CVSSv2
CVE-2022-1646
The Simple Real Estate Pack WordPress plugin up to and including 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed
Simple Real Estate Pack Project Simple Real Estate Pack
7.5
CVSSv2
CVE-2008-6009
SG Real Estate Portal 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the Auth cookie to 1.
Sg Real Estate Portal Sg Real Estate Portal 2.0
1 EDB exploit
3.5
CVSSv2
CVE-2018-5072
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
Advanced Real Estate Script Project Advanced Real Estate Script -
6
CVSSv2
CVE-2018-5073
Online Ticket Booking has CSRF via admin/movieedit.php.
Advanced Real Estate Script Project Advanced Real Estate Script -
3.5
CVSSv2
CVE-2018-5075
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
Advanced Real Estate Script Project Advanced Real Estate Script -
6
CVSSv2
CVE-2018-15187
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
7.5
CVSSv2
CVE-2017-17603
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
Advanced Real Estate Script Project Advanced Real Estate Script 4.0.7
1 EDB exploit
7.5
CVSSv2
CVE-2007-6462
SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Php Real Estate Classifieds Php Real Estate Classifieds Premium Plus
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »