Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Advanced Real Estate Script Project Subscribe
Filtered by product Advanced Real Estate Script
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20337 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2020-01-09 6.5 MEDIUM 7.2 HIGH
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
CVE-2019-20336 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2020-01-09 4.3 MEDIUM 6.1 MEDIUM
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
CVE-2018-15188 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-10-09 5.5 MEDIUM 6.5 MEDIUM
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
CVE-2018-15189 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-10-05 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
CVE-2018-15187 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-10-05 6.0 MEDIUM 8.0 HIGH
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
CVE-2018-5073 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-17 6.0 MEDIUM 6.8 MEDIUM
Online Ticket Booking has CSRF via admin/movieedit.php.
CVE-2018-5076 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-17 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
CVE-2018-5077 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-17 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
CVE-2018-5078 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-16 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
CVE-2018-5074 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-16 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
CVE-2018-5072 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-16 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
CVE-2018-5075 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2018-01-12 3.5 LOW 4.8 MEDIUM
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
CVE-2017-17603 1 Advanced Real Estate Script Project 1 Advanced Real Estate Script 2017-12-22 7.5 HIGH 9.8 CRITICAL
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.