Vulnerabilities > Advanced Real Estate Script Project > Advanced Real Estate Script

DATE CVE VULNERABILITY TITLE RISK
2020-01-05 CVE-2019-20337 SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.
6.5
2020-01-05 CVE-2019-20336 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS.
4.3
2018-08-10 CVE-2018-15189 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
3.5
2018-08-10 CVE-2018-15188 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
5.5
2018-08-10 CVE-2018-15187 Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
6.0
2018-01-03 CVE-2018-5078 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
3.5
2018-01-03 CVE-2018-5077 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
3.5
2018-01-03 CVE-2018-5076 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
3.5
2018-01-03 CVE-2018-5075 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
3.5
2018-01-03 CVE-2018-5074 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
3.5