Vulnerabilities (CVE)

Filtered by vendor Advanced Real Estate Script Project Subscribe
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20337 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 6.5 MEDIUM 7.2 HIGH
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
CVE-2019-20336 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVE-2018-5078 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
CVE-2018-5077 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
CVE-2018-5076 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
CVE-2018-5075 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
CVE-2018-5074 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
CVE-2018-5073 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 6.0 MEDIUM 6.8 MEDIUM
Online Ticket Booking has CSRF via admin/movieedit.php.
CVE-2018-5072 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
CVE-2018-15189 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
CVE-2018-15188 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVE-2018-15187 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 6.0 MEDIUM 8.0 HIGH
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
CVE-2017-17603 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2024-11-21 7.5 HIGH 9.8 CRITICAL
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.