Vulnerabilities > Advanced Real Estate Script Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-03 | CVE-2018-5073 | Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script Online Ticket Booking has CSRF via admin/movieedit.php. | 6.0 |
| 2018-01-03 | CVE-2018-5072 | Cross-site Scripting vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. | 3.5 |
| 2017-12-13 | CVE-2017-17603 | SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.7 Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. | 7.5 |