Vulnerabilities > Advanced Real Estate Script Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-03 | CVE-2018-5073 | Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script Online Ticket Booking has CSRF via admin/movieedit.php. | 6.8 |
2018-01-03 | CVE-2018-5072 | Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. | 4.8 |
2017-12-13 | CVE-2017-17603 | SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.7 Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. | 9.8 |