Vulnerabilities > Advanced Real Estate Script Project

DATE CVE VULNERABILITY TITLE RISK
2018-01-03 CVE-2018-5073 Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has CSRF via admin/movieedit.php.
6.8
2018-01-03 CVE-2018-5072 Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
4.8
2017-12-13 CVE-2017-17603 SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.7
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
network
low complexity
advanced-real-estate-script-project CWE-89
critical
9.8