Published: 18/10/2017 Updated: 30/07/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component prior to 8.9.5 for Joomla! allows remote malicious users to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
realtyna realtyna property listing

Realtyna RPL 892 Joomla Extension Persistent XSS And CSRF Vulnerabilities Vendor: Realtyna LLC Product web page: wwwrealtynacom Affected version: 892 Summary: Realtyna CRM (Client Relationship Management) Add-on for RPL is a Real Estate CRM specially designed and developed based on business process and models required by Real Estat ...

The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site Multiple cross site scripting vulnerabilities were also discovered The ...

CWE-352 https://www.exploit-db.com/exploits/38528/http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5271.php http://rpl.realtyna.com/change-logs/rpl7-changelog http://packetstormsecurity.com/files/134067/Realtyna-RPL-8.9.2-CSRF-Cross-Site-Scripting.html https://nvd.nist.gov https://www.exploit-db.com/exploits/38528/

CVE-2015-7715

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect