Show filters
21 Total Results
Displaying 11-20 of 21
Sort by:
Attacker Value
Unknown

CVE-2022-28410

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-28030

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_estate.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-28029

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_type.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-28028

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_amenity.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25399

Disclosure Date: March 02, 2022 (last updated February 23, 2025)
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2010-1062

Disclosure Date: March 23, 2010 (last updated October 04, 2023)
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information.
0
0
Attacker Value
Unknown

CVE-2010-1063

Disclosure Date: March 23, 2010 (last updated October 04, 2023)
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) codelib/cfg/common.inc.php, (2) form/app/common.inc.php, and (3) staff/app/common.inc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2009-4477

Disclosure Date: December 30, 2009 (last updated October 04, 2023)
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
0
0
Attacker Value
Unknown

CVE-2009-4478

Disclosure Date: December 30, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
0
0
Attacker Value
Unknown

CVE-2009-4318

Disclosure Date: December 14, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in Real Estate Manager 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. NOTE: some of these details are obtained from third party information.
0
0
View More Topics  < Previous  Next >